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Trace evidence: System logs tell the real story of your network’s security. 
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== Datacenter has been easy to use, says Mary Kay's 


NEWSPAPER 


Running mission-critical 
applications on an untried 
operating system is a 
bigger gamble than most 
companies are willing to 
take. Early adopters of 
Microsoft's Datacenter 
Server say the high-end 
Windows operating sys- 
tem delivers on reliability 


but could benefit from less 


vendor finger-pointing and 
more flexible hardware 
offerings. Page 27 
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IT at Heart of ‘Shock and Awe’ 


With US. invasion, era 
of ‘network-centric 


warfare’ has dawned 


BY DAN VERTON 
WASHINGTON 

Military officials and experts 
are characterizing Operation 
Iraqi Freedom as the most IT- 
intensive military campaign in 
history. The campaign, offi- 
cials said, puts to the test a 
“network-centric warfare” 





strategy that has been under 
development since the first 
Persian Gulf War 12 years ago. 


“There are more computers 


on the battlefield than ever 
before,” said Col. Mark Bow- 


: Ci C | 
man, operations officer for the | 


U.S. Army’s lth Signal Bri- 
gade. In fact, there are so many 
computers involved in manag- 


ing the modern battlefield that | 


digital data networks have be- 
come more important to se- 
nior commanders than tradi- 
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| tional voice networks, he said. 


The deployable headquar- 


| ters facility of the U.S. Central 
| Command in Doha, Qatar, was 
| designed by Lexington, Mass.- 


based Raytheon Co. prior to 
the terrorist attacks of Sept. ll, 
2001. However, as military 

IT in Iraq, page 7 


INSIDE 
@ The Army for the 
first time connects 
mobile users to its 
asset-tracking system. Page 6 
@ Multinational firms with U.S. IT 
workers in the Middle East are making 
contingency plans. Page 6 
@ U.S. companies so far haven't been 
seriously harmed by war-related cyber- 
attacks. Page 7 


ONLINE 

For updated coverage of the war's IT 

impact, visit our Web site: 
QuickLink a2980 
www.computerworld.com 





‘Technology Aims 
To Sync Users’ 
Communications 


Siemens and Verizon moving to consolidate 


end-user acce 


“ss to voice and messaging systems 





BY MATT HAMBLEN 
Siemens AG today will an- 


| nounce IP-based networking 
| software designed to synchro- 


nize voice communications, 
messaging and real-time col- 
laboration tools on a mix of 
devices, including PCs, cell 
phones and pagers. 

New York-based Verizon 
Communications last 
week confirmed that 
it plans to roll out 
similar functionality later this 
year as a service for both cor- 
porate and residential cus- 
tomers. Analysts said other 
telecommunications carriers 
are also planning such moves. 

Mark Straton, senior vice 
president of global marketing 
at Siemens Information and 
Communication Networks 
Inc. in Boca Raton, Fla., said 


| the Siemens unit’s OpenScape 
| Version 1.0 software will pro- 


vide users with consolidated 


| access to all corporate com- 
| munications resources. That 
| includes phone calls, voice 


mail, e 


CONVERGENCE 


e-mail, instant messaging 
and tools for Web, voice and 
videoconferencing, he said. 

Users will be able to config- 
ure OpenScape with 
personalized rules to 
govern how incom- 
ing phone calls and e-mail 


| messages should be forwarded 
|} to them, Straton said. Like IM 


systems, OpenScape supports 
presence awareness so users 
can see when other workers 


| are logged onto networks. 


Douglass Crawford, director 


| of network services at Kaiser 


| Permanente Health Plan Inc. 


Convergence, page 16 


Mainframe Brain Drain Looms 


Retirements to sap 
expertise; data center 
group offers training 


BY PATRICK THIBODEAU 
LAS VEGAS 


It’s bumping up training costs 
and raising concerns among 
data center managers who 
wonder how they will replace 
retiring green-screen wizards 
with workers weaned on Win- 
dows and open systems. 


Addressing a problem it 
says has the potential to be- 
come acute over the next five 
to seven years, a data center 


| professional association last 

| week announced a program to 
| help companies attract and 

A mainframe skills shortage is | 
emerging as subtly as gray hair. | 


train IT professionals to pre- 
vent a future shortage of 
mainframe workers. 

At its semiannual confer- 


| ence here, AFCOM outlined a 
| Data Center Knowledge Initia- 


tive that includes offering on- 
line courses in data center 
Mainframers, page 61 
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Cold Cails Feeling the Heat 


in the Management section: Compliance with 
do-not-call laws is becoming a matter of busi- 
ness survival for companies that reap big rev- 
enues through phone-based solicitations. IT 
managers can play a significant role in helping 
to automate the process. Page 45 
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Serial ATA Takes On SCSI 


In the Technology section: Low-cost Advanced Technol- 
ogy Attachment disk arrays are gaining ground in near- 
line storage and disk-to-disk backup applications, and a 
faster class of drive arrays that use the new Serial ATA 
interface standard is likely to challenge SCSI for high- 
performance applications as well. Page 36 
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Server. Microsoft’s high-end 


covers a systems vulnerability 


America at War 


6 The Army is relying on 
mobile units to scan the 
contents of supply convoys 
and transmit the informa- 
tion via a satellite network. 


6 Companies with IT oper- 
ations in the Middle East 
have faced little disruption. 


7 Damage caused by hac- 
tivism has been minimal. 


Dell rolls out its first printers, 
but rivals are quick to answer. 


Users are anything but clear 
on Microsoft’s plan for its 
Longhorn operating system 
release. 


Privacy is at grave risk, civil 
rights and privacy groups say, 
in a proposed TSA plan to de- 
ploy an advanced airline pas- 
senger profiling system. 


The state of Pennsylvania 
pushes back its rollout of 
SAP’s payroll application. 


Oracle makes it easier for 
users to qualify for its flat-fee 
pricing approach. 


Gartner predicts at its Sym- 
posium/ITxpo 2003 confer- 
ence that business units will 
gain control over most discre- 
tionary IT spending. 


Omgeo develops a Web-based 
system to electronically link 
brokerages and investment 
managers. 


. 


. 


. 


operating system passes the 
reliability test, but users want 
more vendor support. 


30 Trace Evidence. Firewalls and 


intrusion-detection systems 
are nice, but experts say that 
log files tell the real security 
story in your network. 


34 Q&A: Making the Connection. 


Netegrity CTO Deepak Taneja 
discusses identity and access 
management in the enterprise 
and how the nature of appli- 
cations is changing. 


37 QuickStudy: Revenue Opti- 


mization Software. These 
tools help businesses set 
prices that maximize profits. 


40 Security Manager’s Journal: 


Porn Policy Collars a Million- 
Dollar Customer. Vince Tues- 
day bends strict policies 
against X-rated e-mail when 
an offender works for his 
company’s best customer. 
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48 Snake Pit or Gold Mine? How 


can a CIO know which job of- 
fers to consider and which to 
pass up? We offer 10 tips. 


50 Premium Protection. Security 


breaches. Viruses. Should you 
amend your IT insurance plan 
to cover such risks? 


52 Sealing the Deal and Collect- 


ing Their Due. IT helps sales- 
people at the front lines and 
on payday. 


tool that automatically im- 
proves the security of servers 
and PCs on your network. 


24 Maryfran Johnson assails 
vendors that are beginning to 
let their competitive natures 
undermine the standards 
process for Web services. 


24 Pimm Fox believes IT man- 
agers here can learn a lot 
about security from compa- 
nies in Israel. 


25 David Foote argues that even 
in tough times like these, 
there are four tried and true 
ways to sustain confidence 
and morale inside your IT 
organization. 


42 Robert L. Mitchell says that 
deploying Microsoft's latest 
e-mail server software could 
be the first step in a long trail 
of upgrades. 


54 Michael H. Hugos argues that 
IT is not yet a profession, and 
he offers some ideas about 
how you can make it one. 


62 Frankly Speaking: Frank 
Hayes advises companies 
with mainframes to act quick- 
ly to develop individuals with 
skills to manage that big iron 
— before it’s too late. 
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NEWS WAR IN IRAQ. 


Army Uses Mobile Technology, 
Satellite Link to 


Data scanned from supply convoys 
updates asset-tracking system in USS. 





BY MARC L. SONGINI 
S PART of the war 
with Iraq, the U.S. 
Army has deployed 
64 mobile units 
equipped with portable sys- 
tems that are being used to 
scan information about com- 
bat and supply vehicles and 
send the data via a secure 
satellite link to the Army’s 
central asset-tracking system. 

The deployment of the units 
in Kuwait and unspecified 
other locations marks the first 
time the Army has connected 
mobile users to the asset- 
tracking system, said Gary 
Winkler, project manager of 
the Army’s Transportation 
Systems Joint Program Man- 
agement Office. 

The application, called the 
Transportation Coordinator’s 
Automated Information for 
Movements System II (TC- 
AIMS ID), is built around a 
Sybase Inc. database that runs 





on a Windows server. The 


| technology was first used in 


1998 and is located at a facility 
near Fort Belvoir, Va. 

Winkler said the mobile 
units sent to the Gulf region 
each have a 65-lb. case con- 
taining a ruggedized laptop 
PC, wireless bar code and ra- 
dio frequency identification 


| readers, a printer and other 


peripheral devices. 

The equipment can be sta- 
tioned at roadsides or inter- 
sections and used to scan ve- 
hicles in army columns and 
supply convoys as they ap- 
proach, he said. 


Wireless Transmission 
The data is sent to the TC- 
AIMS II system via the U.S. 
Department of Defense’s 
secure wireless network, 
which is provided by Iridium 
Satellite LLC in Arlington, Va. 
When TC-AIMS II gets a feed 
from the Iridium network, it 


‘Track Supplies 





automatically creates new en- 
tries and updates information 
in the Sybase database, Win- 
kler explained. 

From there, the data is pre- 
sented to military offi- 
cials in the field and at 
the Pentagon via map- 
style graphical user in- 
terfaces. “It gives com- 
manders real-time infor- 
mation about where peo- 
ple and equipment are,” 
Winkler said. “And they 
know when they get to 
the final destination.” 
Up to 15,000 end users 
access the system at any 
given time, he added. 

By comparison, earlier 
applications used to 
track materials “did not 


| provide ‘in-the-box’ visi- 


bility,” Winkler said. 


| “They simply document- 


ed that a container was 
shipped and arrived. 
Consequently, all that 
was known was that 
there was a box contain- 
er in a[ military] theater, 
but no one knew exactly 


what was in the box.” 
TC-AIMS II was developed 
in the aftermath of the first 
Gulf War in a joint services 
project led by the Army. The 


Soldiers at Fort Benning, Ga., load a truck with 
supplies bound for Kuwait. Gabriel Morgan (fore- 
Ce MI ee Me Mem ORC m Ce) 
computers and communications equipment. 





U.S. IT Workers in Middle East Stay Put 


BY TODD R. WEISS 
As the war in Iraq intensifies, 
multinational companies are 
keeping a close watch on their 
IT operations in the Middle 
East and are preparing to react 
quickly if conditions deterio- 
rate. But none of the compa- 
nies that spoke with Comput- 
erworld last week have re- 
called any U.S. IT workers 
from the region. 

For example, American 
Express Co. has about 200 IT 
workers in the Middle East, in- 
cluding an undisclosed num- 
ber of Americans, said compa- 
ny spokesman Tony Mitchell. 
While no employees have 
yet been pulled out, Amex 
has been re-evaluating and 
strengthening its security pro- 
cedures in the area as a pre- 





caution, Mitchell said. 
Companies are generally 


| tight-lipped about their con- 


tingency plans in the area 

for security reasons. Out- 
sourcing vendors Affiliated 
Computer Services Inc. and 
Computer Sciences Corp., 
automaker Ford Motor Co. 
and energy company British 
Petroleum PLC all refused to 
comment for this story. Other 


Pee eeeeereseeseseseseoessesese 


i At this present 
time, we’re 
not aware of any 
business disruptions 
related to Iraq. 
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JOE STUNKARD, SPOKESMAN, IBM 





| 


companies spoke only in gen- 
eral terms. 

Stephanie Hampton, a 
spokeswoman for Washing- 
ton-based Marriott Interna- 
tional Inc., said the company 
has six hotels in the Middle 
East, each with its own IT 
systems managers. 

“It’s business as usual at 
this point,” Hampton said. 
The company has contingency 
plans in place for workers, but 


| no details are being released, 


Hampton said. 

Diesel engine manufacturer 
Cummins Inc. in Columbus, 
Ind., doesn’t have a large IT 
presence in the region, said 
spokesman Jason Rawlings. 
But the company will make re- 
location available to any expa- 
triate workers who feel un- 





comfortable where they are, 
he said. Most of Cummins’ I 
employees in that part of the 
world are in India and aren't 


| directly affected by the war, 


he said. 


Maintaining Systems 
Sun Microsystems Inc. has a 
“very small number” of U.S. 
IT workers in the Middle East 
and has plans in place to main- 
tain its IT systems in the event 
of an evacuation, said Sun 
spokeswoman Diane Carlini. 
Joe Stunkard, a spokesman 
for IBM, said few IBM em- 
ployees are in the countries 
surrounding Iraq and that 
most of the company’s work in 
the region is carried out by 
business partners. “We're as- 
sessing the potential impact 
on our employees, customers, 
facilities and partners, and 
will take appropriate actions 


www.computerworld.com 


Navy deployed the system in 
December and used it to pre- 
pare manifests of cargo and 

| military personnel on ships 
that were sent to the Persian 
Gulf, Winkler said. 


| Global View 
The Army is also working to 
integrate TC-AIMS II with two 
other logistics and transporta- 
tion systems in an effort to 
provide a consolidated 
view of the location of 
military personnel and 
materials in the air and 
on sea or land, he said. 
One of those applica- 
tions, called the Auto- 
mated Air Load Planning 
System (AALPS), calcu- 
lates the amount of cargo 
space available on air- 
craft. An integrated ver- 
sion of TC-AIMS II and 
AALPS is now in testing, 
according to Winkler. 
The integration proj- 
ect is also due to include 
the Integrated Comput- 
erized Deployment Exe- 
cution System, which 
manages the loading of 
ships. Winkler said IT 
managers plan to seek 
approval from the Penta- 
gon to put the combined 
system into production 
in December. B 


to protect and maintain our 
business operations,” he said. 
“At this present time, we’re 
not aware of any business dis- 
ruptions related to Iraq.” 

John Shaw, a spokesman for 
air conditioning and heating 
supplier Carrier Corp. in 
Farmington, Conn., said there 
are no U.S. IT workers in the 
company’s offices in Saudi 
Arabia, Bahrain, Lebanon, 
Egypt or the United Arab Emi- 
rates. And so far, he said, con- 
ditions haven’t deteriorated 
for the company as a result 
of the war. 

“There doesn’t seem to be 
any backlash against Ameri- 
can companies that I’m aware 
of,” Shaw said. “Business is 
business, and politics is what 
it is.” D 


Reporter Thomas Hoffman 
contributed to this story. 
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Little War-Related Hactivism 


BY JAIKUMAR VIJAYAN 

The vast majority of war-relat- 
ed cyberattacks last week ap- 
pear to have been little more 
than low-level Web site de- 
facements that had little or no 
impact on U.S. businesses. 

But the sustained denial- 
of-service attacks that crip- 
pled the English-language 
Web site of Arab satellite TV 
network Al-Jazeera served as 
a sobering reminder of just 
what can happen if a company 
does become a hactivist target. 

One week into the war with 
Iraq, most of the predicted cy- 
berfallout appears to have been 
limited to the Web equivalent 
of graffiti, said security ex- 
perts. “At least 99% of the at- 
tacks are pure defacement of 
Web sites” with pro- and anti- 
war messages, said Michael Al- 
brecht, a manager at F-Secure 


Continued from page 1 
IT in Iraq 


tensions with Iraq began to 
rise, CENTCOM commander 
in chief Gen. Tommy Franks 
put the project into high gear. 

Although Raytheon has 
been asked by the military not 
to divulge the specific IT sys- 
tems in use, Computerworld 
has confirmed that the mobile 
headquarters facility includes 
a high-speed fiber-optic net- 
work backbone that can deliv- 
er video over IP to the desk- 
top, as well as direct links to 
the hundreds of intelligence 
and surveillance systems and 
deployed forces in and around 
the Persian Gulf. 


Video on the Battlefield 


Col. Dan Gerstein, comman- 
der of the Army’s 93rd Signal 
Brigade in Fort Gordon, Ga., 
said the integration of real- 
time video into the military’s 
command and control opera- 
tions marks a significant de- 
parture from the first Persian 
Gulf War. Although there was 
limited use of videoconferenc- 
ing during Operation Desert 
Storm, ground forces today 








Corp. in Helsinki, Finland 

The company estimated 
that as many as 10,000 Web 
sites worldwide may have 
been defaced since the war 
began. Although U.S. govern- 
ment and military sites appear 
to be targets of choice, vandals 
are attacking any vulnerable 
service they can find, Albrecht 
said. In most instances, the at- 
tacks appeared to be coming 
from individuals rather than 
from organized groups or gov- 
ernment entities, he added. 


No Surprises 

The level of hacking activity 
has been no different from 
usual, said Marty Lidner, an 
incident-handling team leader 
at the CERT Coordination 
Center at Carnegie Mellon 
University in Pittsburgh. “In 
the big scheme of things, the 


| level of activity reported to 
us hasn’t really changed,” Lid- 
| ner said. 

“There has been no signifi- 
| cant increase in Web deface- 

| ment activity between prewar 
| chatter and actual war,” said 
Russ Cooper, an analyst at 
TruSecure Corp. in Herndon, 
| Va. “A defacement may say 
‘No war, but it would have 

| said ‘No cheese’ or something 
| else if there had been no war.” 
The minimal impact on 

| business systems so far isn’t 
surprising, said Dave Kraut- 
hamer, director of information 
systems at Advanced Fibre 

| Communications Inc. in 
Petaluma, Calif. “I think you 

| need to be extremely skilled to 
| hack into corporate systems,” 
he said. “I don’t think current 
| events make the risk of cyber- 
| terrorism any greater.” 





U.S. Central Command’s mobile headquarters facility, which was 
designed by Raytheon, at Camp As Sayliyah near Doha, Qatar. 


are making use of battlefield 
videoconferencing systems 


| as they advance on Baghdad, 


said Gerstein. 

What’s enabling that is the 
U.S. Department of Defense’s 
Global Broadcast Service 
(GBS), which provides mas- 
sive amounts of bandwidth to 
allow tactical commanders to 
receive imagery and other 
data from CENTCOM head- 
quarters or unmanned aerial 
vehicles, said Gerstein. 

The $500 million GBS is 
based on commercial direct 
broadcast satellite technology 
and provides high-speed data 
connections of more than 24M 





bit/sec. to tactical computers 


| equipped with antennas as 


small as 22 in. in diameter. 

The use of Global Position- 
ing System (GPS) technolo- 
gies is also being touted as a 
major improvement since Op- 
eration Desert Storm. Gerstein 
said some units are deploying 
GPS for “real-time situational 
awareness,” allowing for the 
direct exchange of informa- 
tion among soldiers on the 
front lines, rather than requir- 
ing information to be routed 
through headquarters. 

“The Gulf War was an ana- 
log conflict,” said Gerstein. 
“Today, there are digital for- 


Reported 
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A defacement 
may say ‘No 


| war,’ but it would 


have said “No 


| cheese’ or some- 


thing else if there 
had been no war. 
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RUSS COOPER, TRUSECURE CORP 


Moreover, most companies 


| have revamped their manage- 


ment of security threats since 
Sept. ll, 2001, said Bruce 


| Blitch, CIO at Tessenderlo 


Kerley Inc., a multinational 
chemical company with U.S. 
headquarters in Phoenix. For 
instance, Tessenderlo has fur- 
ther isolated critical plant- 
control systems and tightened 


mations at much lower levels 
of command.” 

One such command is the 
Army’s 4th Infantry Division, 
which has yet to arrive in Iraq. 
Based at Fort Hood, Texas, the 
4th Infantry Division is the 
Army’s first fully IT-equipped 
division. It will arrive in Iraq 
armed with software called 
Force XXI Battle Command 
Brigade and Below, which is 
designed to provide soldiers 
with vital battlefield informa- 
tion, especially the 
location of friendly and ene- 
my forces. 

Meanwhile, the U.S. Navy’s 


| missile-guided cruiser USS 


Shiloh is for the first time us- 
ing a system called Area Air 
Defense Commander (AADC). 
Designed by General Dynam- 
ics Corp. in Falls Church, Va., 
and powered by a suite of 
supercomputers and high- 
performance servers from 
Silicon Graphics Inc. in Moun- 


| tain View, Calif., AADC tracks 


hundreds of planes and mis- 
siles simultaneously. The sys- 
tem then displays the data 
on a 30-by-30-ft. “reality” 
screen that enables rapid 
transfer of digital information 
to end users. 


security policies relating to its 
IT infrastructure. 

“If what happened nearly 
two years ago didn’t make a 
company pay attention to se- 
curity, then it’s unlikely that 


| war with Iraq would change 
| that,” Blitch said. 


Even so, the attacks on Al- 
Jazeera show what can happen 


| if attackers get it right. The at- 

| tacks began March 25 after the 
| network posted photos of U.S 

| prisoners of war. The Web site 
| was almost totally inaccessible 


most of last week. 
The site appears to have 


| been hit with twin denial- 


of-service attacks, said Eric 


| Seigel, a consultant at Internet 
| performance monitoring com- 
| pany Keynote Systems Inc. in 

| San Mateo, Calif. One was di- 

| rected at the company’s Web 

| servers, the other at a core 


Domain Name System server 
that provides browsers with 


| the address of Al-Jazeera’s 
| Web site, Seigel said. D 


“The average commander 
has 30 to 50 gigabytes of data 


| to interpret at any given time,” 
| said John Burwell, SGI's senior 
| director of government indus- 
| try. By using a screen with a 

| wide field of vision, the system 
| enables users to interpret a lot 


of data in real time, he said 
John Hillen, senior vice 
president of Fairfax, Va.-based 


| American Management Sys- 

| tems Inc. and a veteran of the 

| first Persian Gulf War, said the 
| pace and scale of the current 


conflict is nearly seven times 


| that of Operation Desert 
| Storm, though approximately 


one-third the number of 


| troops are participating. 


“This is where transforma- 


| tion has paid off,” said Hillen. 
| “The real IT story of this war 
| is that it is the birth of net- 

| work-centric warfare and the 
| ability to make decisions 

| rapidly. We’re changing air 


sorties in flight. That was un- 
heard of 10 years ago.” D 


GPS JAMMING 


Coalition forces destroyed Iraqi GPS 
jammers that were allegedly supplied by a 
Russian company that has done business 
with the U. S. Army: 


QuickLink 37374 
www.computerworld.com 
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AT DEADLINE 


CSC to Manage IT 
For Motorola 


Motorola Inc. said it has signed a 
10-year IT outsourcing contract 
valued at $1.6 billion with Com- 
puter Sciences Corp. (CSC) in El 
Segundo, Calif. Effective May 1, 
CSC will take over management 
of Motorola’s midrange, desktop 
and distributed systems as well as 
its networks and help desk opera- 
tions. About 1,300 IT workers at 
Schaumburg, Ill.-based Motorola 
will be shifted to CSC. 


Lucent Settles 54 
Shareholder Suits 


Lucent Technologies Inc. said it 
has agreed to settle 54 share- 
holder lawsuits that were filed af- 
ter the Murray Hill, N.J.-based 
company ran into financial prob- 
lems in 2000. Lucent will pay 
$415 million in cash, stock and 
warrants to buy its shares as part 
of the deal, and it will also con- 
tribute up to $5 million to cover 
settlement-administration costs. 
The company’s insurers will pay 
another $148 million in cash. 


SAP Ships Apps 
For Midsize Users 


SAP AG has released a U.S. ver- 
sion of its SAP Business One ap- 
plications, which are tailored for 
midsize companies with up to 
several hundred workers. SAP of- 
ficials said users should be able to 
install the applications in as little 
as two weeks. The midmarket 
software uses a different code 
base than the vendor’s flagship 
SAP Business Suite products. 


Appeals Court to 
Hear Trade Groups 


A federal appeals court said it will 
hear arguments from two trade 
groups opposed to the antitrust 
settlement between the U.S. De- 
partment of Justice and Microsoft 
Corp. The groups, which are 
backed by some of Microsofi’s top 
rivals, argue that the settlement 
deal isn’t stringent enough. 


NEWS 


MARK HALL ®ON THE MARK 


Overworked (or Lazy) 
Sysadmins Get a... 


. security tool that automates fixes of vulnerabilities in network 
servers and PCs. Citadel Security Software Inc. will release Hercules 
2.0 on April 15. The upgrade will defend Solaris and Linux in addition 
to Windows. Hercules works with vulnerability-assessment products 
from companies like Internet Security Systems Inc. and Harris Corp. 
that identify security gaps on your network. Hercules collects all the 
problems in a single screen and lets a sysadmin fix them with a single 
mouseclick. And in the new release, you can set policies to remediate 


known problems immediately without noti- 
fying an admin. According to Carl 
Banzhof, Dallas-based Citadel’s CTO, 
Hercules maintains the latest software 


patches for known bugs, slams shut open | 


back doors in servers, secures insecure 
user accounts and properly contamees 
misconfigured systems, 
among other automated fix- 
es. He also points out that 
Windows servers have the 
most vulnerabilities, even 
when weighted for their market 
share, because so many 
sysadmins simply use out- 
of-the-box configurations, 
which historically have 
been “wide-open doors to 
networks.” It’s not as if 
those configuration lapses 
have been a big, dark secret, 
Banzhof admits. Lazy sysad- 
mins, perhaps? Well, the 
CTO demurs, “they’re an 
overworked bunch.” # An- 
other vendor CTO has tak- 
en a slight swipe at users. 
Eric Newcomer at Waltham, 
Mass.-based Iona Technolo- 
gies Inc. says vendor com- 


cet 


yeti 


Virtuozzo, the main- 
frame-style partitioning 
and hosting automation 
software for Intel servers 


SER e Lee O Mei oe Co 
day for the 64-bit Itanium 
microprocessor. 


Also today, ene 


Version 1.2 of its 
Wercspace tool for portal 
developers. The upgrade 
adds advanced page 
management features, a 
new page repository and 
improved real-time func- 
tions for creating and dis- 
eee Ry cnet oe 


| petition may derail the Web services 


standards efforts (see “Standards Stupidi- 
ty,” page 24). He argues, “Vendors natu- 
rally move toward creating competitive 
advantage,” which imperils the standards 
process. But he thinks it’s possible users 
can save the om, though he’s skeptical you 
will step up to the task. 
“Users are going to have to 
take control in their pro- 
curement process,” he says. 
“Tt’s the only way standards 
will happen in Web ser- 
vices.” So, will users reject 
Microsoft or IBM products 
when they veer away from 
industry standards? “It re- 
mains to be seen.” You can 
almost see him crossing his fin- 
gers. ® If you think of your 
IT operations as a service 
business inside the compa- 
ny, the arrival today of 
Changepoint 8.0 should 
grab your attention. The 
software, which can inte- 
grate with Microsoft Proj- 
ect, does more than project 
management, according to 
Chuck Tatham, marketing 


in South 


www.computerworld.com 


| VP at Changepoint Corp. in Richmond 
Hill, Ontario. It handles all aspects of 
workflow process and oversees everyday 
interrupt-driven tasks that plague IT depart- 
ments and are overlooked by project man- 
agement systems. The upgrade is now 
100% Web-based and adds Oracle9i to 
Windows SQL Server as its database, 
along with support for Microsoft Out- 
look, among other improvements. Pric- 
ing averages about $1,000 per user. # Paul 
Giardina, marketing veep at Cartesis SA 
in Paris, says today’s release of its finan- 
cial management application, Magnitude 
Version 8.2, greatly improves the software’s 
scalability by adding multiserver capabili- 
ties and load balancing as well as support 
for DB2 and Oracle to its existing sup- 
port for SQL Server. It will also add Crys- 
tal Analysis software as an option to the 
product. Finally, he says, the software 
now includes advanced budgeting tools 
that target competitors like SRC Soft- 
ware Inc. Before the year is out, Giardina 
says to expect Magnitude to include im- 
proved workflow operations and support 
for both the U.S. and European versions 
of Extensible Business Reporting Lan- 
guage. ® Portland, Ore.-based SRC must 
have been spying on its French competi- 
tor because it, too, announces a new 
product today. The new software, Advi- 
sor Series FI, lets bank employees at all 
levels perform financial modeling func- 
tions. Peri Pierone, SRC’s VP of financial 
institutions, says that unlike other ven- 
dors’ offerings, SRC “emphasizes ease of 
use without sacrificing sophistication.” 
For example, he claims that with minimal 
training, branch managers will be able to 
create models on the effect of maturing 
money-market certificates of deposit and 
shifting interest rates. The application is 
-Net-based and works with either SQL Server 
or Oracle databases. It can run as a Web- 
only application or by using Microsoft 
‘Terminal Server or Citrix MetaFrame. 
And, for those of you who care, it’s not 
from France. D 








Dell Rolls Out First Printers; Rivals React 


termarket vendors won’t be 
able to offer alternatives until 
they figure out how to reverse- 





BY BOB BREWIN 
Dell Computer Corp. made its 
entry into the printer market 
official last week by rolling 
out four models, including a 
pair of machines designed for 
use by corporate workgroups. 
Rivals are responding to 
Dell’s move. Analysts expect 
Hewlett-Packard Co. this week 
to introduce a line of printers 
for small businesses and home 
users. HP officials didn’t re- 





turn calls seeking comment. 
And just one day after Dell’s 
launch, IBM announced a 
“plug-and-print” wireless LAN 
adapter to make it easier for 
companies to hook end users 
to the printers IBM resells. 
Dell was a reseller of HP’s 
printers until last July, when 
HP ended the deal because of 
expectations that Dell would 
enter the market. In Septem- 
ber, Dell said it had signed 


| 
| 


Lexmark International Inc. to 
make Dell-branded printers. 
Dell’s models range in price 
from $139 to $839. They in- 
clude software that monitors 
ink consumption and prompts 
users to order replacement 
cartridges from Dell. Greg 
Davis, sales director for Dell’s 
imaging group, said users may 
buy cartridges from other sup- 
pliers. But Dell’s cartridges are 
unique sizes and shapes, so af- 





engineer Dell’s cartridges. 
Dell’s printers “will be ac- 
cepted as good-enough tech- 
nology” by Dell customers, 
said Peter Kastner, an analyst 
at Aberdeen Group Inc. But an- 
alyst Peter Grant at Dataquest 
Inc. said it will be years before 
Dell has any significant im- 
pact on HP’s installed base. D 


Tom Krazit of IDG News Ser- 
vice contributed to this report. 





Are you really as dense 
as we think you are? 


As racks become increasingly popu- 
lated with thinner, deeper servers, 
high power densities in your server 
room or data center can create 
havoc, from early equipment failures 
to expensive, forget-about-your-job- 
security downtime. 


Introducing InfraStruXure™ architec- 
ture, the industry's only patent-pend- 
ing, network-critical physical infra- 
structure. InfraStruXure” lets you 
target power and cooling precisely 
where your mission-critical applica- 
tions live—the rack enclosure. 


And because InfraStruXure architec- 
ture uses a modular, manageable, pre- 
engineered approach, you can select 
standardized components to create 
your own customized solutions. 


Which means you can target avail- 
ability, pay as you grow, adapt to 
change, and maximize efficiency 
while minimizing installation, operat- 
ing, service, and maintenance costs. 


In times like these, it pays to think 
smart. For more information on 
InfraStruXure’s open, adaptable, 
and integrated architecture for on- 
demand, network-critical physical 
infrastructure, visit us online today 
at www.apc.com. 


Winner of the Windows and .Net Magazine “2002 
Reader's Choice Award for Best High Availability 
Solution” and the GCN “Best New Technology 
Award” at FOSE, March 2002. (Awarded to 
PowerStruXure™, which is now included under the 


InfraStruXure™ brand.) 


{ 


[hot ait) <I 


High power densities can create hot 
spots, which cause equipment failures 
and expensive downtime 


(floor plan) 


Traditional data centers are built out 
for future capacity and require a 
large amount of floor space that 
could be otherwise utilized. High 
power density racks create danger- 
ous hot spots. 
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Infrastrup Cure 


POWER: 


Ne G 


Open, adaptable and integrated 
architecture for on-demand 


network-critical physical infrastructure 


[cold air] 


InfraStruXure’s advanced cooling 
components help remove heat from 
your servers and target air circulation 
where it is most needed. 


Air components designed for 
InfraStruXure™ are manageable via 
network technology, and feature a 
modern, reliable design with fewer 
Moving parts. 


— BEFORE -—.... —_{fG}-— 


(floor plan) 


InfraStruXure™ lets you build out capacity 
only as it's required. Save up to 50% 
CapEx and 20% OpEx*, and reclaim an 
average of 20% usable space. 
InfraStruXure AIR delivers cooling 
directly where it is needed, eliminating 
dangerous hot spots. 


For a closer look at InfraStruXure™, attend a FREE APC Executive 
Breakfast Seminar in your area. For more information visit: 
http://promo.apc.com and enter key code below. 


* Representative savings based on projected power infrastructure build-out costs and estimated service cost per unit. 


Actual savings may vary. 


| “Our Video on Demand (VOD) 


servers are air cooled from front 
to back. The APC racks that 
house the InfraStruXure are also 
designed to cool from front to 
back. So the same racks can 
effectively house our power sys 
tem and our servers.” 
Vince Pombo 
Vice President of Engineering 
Rich Flanders 
Director of Engineering 
Time Warner Cable 


“If | had purchased the incum- 
bent vendor's 3-phase upgrade 
model, | would have paid 75% 
more in service costs over the 
next four years and | would 
have had to utilize 50% more of 
my precious floor space.’ 


Captain Timothy Riley 
Support Services Division 


Every product carrying this mark has 
been tested and certified for use with 
infraStruXure™ architecture. Before 
you buy, check for the X to guarantee 
product compatibility. 


Arc 


Legendary Reliability” 


White Paper on Avoiding Costs from Oversizing Data Center 
Infrastructure and Free InfraStruXure” Brochure 


Visit http://promo.ape.com Key Code j397y © Call 888-289-APCC x2706 © Fax 401-788-2797 


©2003 American Power Conversion Corporation. Ali Trademarks are the property of their owners. E-mail: esupport@apec.com © 132 Fairgrounds Road, West Kingston, Rl 02892 USA {ISX1B3EF-US 
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Users Find Microsoft’s 
Server OS Plans Unclear 


Say feature packs 
OK provided there's 
no price increase 
BY CAROL SLIWA 
ICROSOFT CORP.’S 
lack of clarity 
about plans for 
its future server 
operating system releases 
doesn’t appear to be 
disturbing too many 
corporate users, who 
rarely rush to up- 
grade to the latest re- 
lease anyway. 

But they’re certain to start 
clamoring if they find that any 
of the plans under considera- 
tion lead to cost increases. 
Several IT managers said last 
week that optional add-ons or 
feature packs might be helpful, 
but they don’t want to pay for 
them unless they use them. 

“The important thing is no 
new licenses,” said Alejandro 
Bombaci, CIO at Empresas Po- 
lar, a consumer goods manu- 
facturer and distributor in 
Caracas, Venezuela. 

The prospect of separate 
downloads, overlays or option 
packs for the Windows release 
code-named Longhorn came 
to light two weeks ago when 
Brian Valentine, senior vice 
president of Microsoft’s Win- 
dows division, spoke with 
Computerworld. Valentine said 
new server functionality will 
be needed to accompany the 
Longhorn client operating sys- 
tem release, which he said is 
due in 2005 (QuickLink 37215]. 

Noting that plans are “flu- 
id,” Valentine also said there 
might be a Longhorn server 
operating system release, even 
though Microsoft in Novem- 
ber had taken great care to 
inform the media that Long- 
horn would be a client-only 
release. Valentine told Com- 
puterworld that the November 
pronouncement was “a bit 
premature.” 

Jay Jamison, director of 
product planning in the Win- 


a LY 
SUS 


| dows server group, confirmed 
| last week that Microsoft is 
| considering a full range of op- 
tions, including a new server 
operating system, a supple- 
mental add-on similar to the 
option pack that shipped after 
Windows NT 4.0 or an “out- 
of-band feature release” to the 
server operating system. 
Jamison said Microsoft 
could make available 
a feature in the same 
manner that it will 
release the group 
policy management 
console after the April 24 
launch of Windows Server 


| 2003, which was released to 


manufacturing last Friday. Sev- 
eral other components for the 
new server operating system 


| will also be delivered in piece- 


meal fashion following the 

product launch (see box). 
But Valentine said it’s too 

early to tell how the server 





enhancements expected along 
with Longhorn will be pack- 
aged and priced. 

“If they’re going to bundle 
software that I won’t use and 
then increase the price of the 
base operating system, then 
I’ve got a problem,” said 
Neville Teagarden, CIO at 
Navigant International Inc. in 
Englewood, Colo. “If it be- 
comes too complicated to de- 
termine the actual server pric- 
ing, software configuration 
and license compliance be- 
cause everything is a la carte, 
then that’s also a problem.” 

Teagarden said he prefers a 
full server operating system 
release because he wants solid 
integration testing done by 
Microsoft “rather than having 
to figure out which combina- 
tions of software work or 
don’t work on our own.” 

Other users, however, said 
optional feature packs or add- 





ons might be useful. Bill Fine- 
field, CIO at Navy Exchange 
Service Command in Virginia 
Beach, Va., said it would be 
helpful to be able to choose 
what his company could use 
“vs. what just takes up space,” 
as long as the add-ons or fea- 
ture packs are easy to install 
and deploy. 

Jim Prevo, CIO at Green 
Mountain Coffee Roasters Inc. 
in Waterbury, Vt., said one po- 
tential downside is the in- 
creased complexity of mainte- 
nance for both Microsoft and 
his company. “They would 
have more variability in the 
configuration of their installed 
base, and that would make 
their patches and fixes harder 
to maintain,” he said. 


Uncertainty Remains 

Any worries are premature, 
with so much uncertainty sur- 
rounding Microsoft’s Long- 
horn server plans. Rob Ender- 
le, an analyst at Cambridge, 
Mass.-based Giga Information 
Group Inc., said that because 
Longhorn has slipped from 
2004 to 2005, he thinks there 
will have to be a Longhorn 
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server operating system. En- 
derle predicted that the Long- 
horn server version will 
emerge in 2006. 

Gartner Inc. in Stamford, 
Conn., however, predicts that 
there will be server function 
packs, rather than a full Long- 
horn server operating system 
release. 

“Our belief is that’s too big 
— too much too quickly,” said 
Gartner analyst Tom Bittman, 
noting that Windows Server 
2003 is just coming out. “Peo- 
ple are not going to want to 
absorb a full release.” D 








BY JAIKUMAR VIJAYAN 
A coalition of privacy and civil 
rights organizations is asking 
Congress to stop the deploy- 
ment of the Transportation Se- 
curity Administration’s (TSA) 
recently announced airline 
passenger profiling system. 

In a letter addressed to the 
chairman of the House Select 
Committee on Homeland 
Security last week, coalition 
members urged Congress to 
carefully assess the program’s 
effectiveness and its privacy 
implications before allowing 
the TSA to move forward. 
Coalition members include the 
Electronic Privacy Information 
Center (EPIC) and American 
Civil Liberties Union. 

The TSA is believed to have 
started testing a second-gen- 








eration airline passenger pro- 
filing system known as the 
Computer Assisted Passenger 
Pre-Screening System II 
(CAPPS-ID in early March. 
TSA has asked Delta Air 
Lines Inc. to provide assistance 
during early infrastructure test- 


m What passenger informa- 
UO Meee ir Rte] 
A La 


What internal oversight 
USER Rn Eta 


= How could the information 
CIT Melua le Ti cee 


What private entities could 
gain access to the data? 
SOURCE. LETTER SENT TO THE HOUSE SELECT 


COMMITTEE ON HOMELAND SECURITY BY COAL! 
TION OF PRIVACY AND CIVIL RIGHTS GROUPS 





‘Proposed Air Passenger Screening 
System Alarms Privacy Advocates 


Puts civil rights at serious risk, groups say 


ing by providing it with passen- 
ger data relating to name, ad- 
dress, telephone number and 
date of birth of passengers. 
The system is being devel- 
oped in collaboration with 
Lockheed Martin Management 
and Data Systems. It can con- 
firm a passenger’s identity and 
any potential security threat 
the passenger might pose in 
less than five seconds, accord- 
ing to a description of the sys- 
tem on the TSA's Web site. 
Under the plan, the TSA 
will require every U.S. com- 
mercial air carrier to supply it 
with passenger information 
collected during the reserva- 
tion and ticketing process. 
This information will then be 
combined with credit and oth- 
er personal data contained in 
government and commercial 
databases to arrive at a risk 





score for every passenger. 

The proposed plan is evok- 
ing a maelstrom of protest 
from privacy and civil rights 
groups that are questioning 
the efficacy of such a profiling 
system and charge that it’s a 
violation of privacy. 

“There are serious civil lib- 
erties issues with any data 
mining program whose result 
will be used to determine 
whether Americans are eligi- 
ble to fly or not,” said Lee 
Tien, a senior staff attorney at 
the Electronic Frontier Foun- 
dation, a privacy rights organi- 
zation in San Francisco. 

There are also serious ques- 
tions about whether such pro- 
filing is effective, said Chris 
Hoofnagle, a deputy consul at 
the EPIC in Washington. “One 
should ask why we should 
build this incredible system of 
identification, authentication 
and profiling when we could 
take the money and focus on 
less-invasive and proven tech- 
nologies” such as bomb-detec- 
tion equipment, he said. D 





If you’re busy monitori 
who’s watching yo 


The new HP ProLiant DL740 
8-way with hot-plug 
RAID memory. 


- Ultradense 4u modular chassis 
with up to eight Intel® Xeon™ MP 
1.5 GHz or 2.0 GHz processors 

- Up to 64GB addressable memory 

- Groundbreaking F8 chipset 

- 6-64 bit/100 MHz PCI-X slots 

- Integrated Lights-Out Standard 
(iLO) for Remote Server Mgmt 


The new HP ProLiant DL760 
G2 8-way with hot-plug 
RAID memory. 


- Up to eight Intel” Xeon™ MP 
1.5 GHz or 2.0 GHz processors 
- Up to 64GB addressable memory 
- Groundbreaking F8 chipset 
- 10-64 bit/100 MHz PCI-X, 
1-64 bit 33 MHz slots 
- Remote Insight Lights-Out Edition Il 
(optional) for Remote Server Mgmt 


Sep as 


jour servers, 


ir business? 


What challenges do you face today? Decreasing budgets? The 
lurking possibility of downtime? It’s hard enough to focus on 
moving your business forward when you're constantly looking 
over your shoulder to see if everything is up and running 


Besides, that’s the job of the new HP ProLiant DL700 series 
running Intel® Xeon™ MP processors. An adaptive infrastructure 
begins with these HP Proliant servers which come equipped 
with tools that predict, self-diagnose and fix many fault 
conditions. And now with hot-plug RAID memory exclusively 
from HP. you can add or replace DIMMs without turning 
your systems off. Both work with the HP ProLiant Essentials 
Foundation Pack featuring Insight Manager 7 software which 
monitors and controls your infrastructure for maximum uptime 


At the end of the day, you'li have more control over your 

infrastructure, help avoid unplanned downtime and reduce 
overall maintenance costs. Not to mention freeing yourself 

up for more important things 


To learn how HP Proliant servers can be a 
part of maximizing your company’s uptime, 
download CMP’s executive brief on high avaiiability 
at www.hp.com/go/proliant85 or call 
1-800-282-6672, option 5, and mention code YPH. 
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Space Agency 
Names New CIO 


NASA named Patricia Dunning- 
ton as its new CIO, effective im- 
mediately. Dunnington, who has 
been the agency's deputy CIO 
since August, takes over man- 
agement responsibility from act- 
ing ClO Paul A. Strassmann. 
Strassmann, a former Computer- 
world columnist, ran NASA's IT 
department since July. A NASA 
spokesman said Strassmann 
plans to retire to private life. 


Microsoft Warns of 
Flaw in Windows 


Microsoft Corp. warned that a 
security flaw in a network com- 
ponent of Windows XP, 2000 
and NT 4.0 could expose sys- 
tems to denial-of-service at- 
tacks. The problem lies in Micro- 
soft’s implementation of a re- 
mote procedure call protocol 
that lets applications on different 
computers communicate with 
one another. The company has 
posted a patch on its Web site. 


Huawei Admits It 
Used Cisco Code 


A week after rejecting Cisco 
Systems Inc.’s allegations in 
January of patent infringement 
and technology copying, net- 
working vendor Huawei Tech- 
nologies Co. acknowledged in 

a court filing that one of its 
employees obtained some Cisco 
source code in 1999. Shenzhen, 
China-based Huawei said it’s 
pulling from the U.S. market 
products built with the source 
code. 


Short Takes 


Citing information uncovered by 
federal investigations about its 
accounting practices, NETWORK 
ASSOCIATES INC. in Santa Clara, 
Calif., said it will restate its fi- 
nancial results for 1998 through 
2000. . . . Ottawa-based soft- 
ware vendor COREL CORP. said 
it’s talking to two venture capital 
firms about a possible takeover. 





| Vendor drops 
| $250K spending 


| Looking to boost sales of its 


| ware bundle covered by the 





NEWS 


Pennsylvania Delays 
Portion of SAP Project 


State pushes payroll module back by 


| nine months; other apps work continues 





BY MARC L. SONGINI | 
TATE OFFICIALS in 
Pennsylvania have put 
the brakes on a major 
piece of a $160 million | 

rollout of SAP AG’s enterprise 

resource planning 

(ERP) applications 

because of soft- 

ware customiza- 
tion, system integration test- | 
ing and end-user training re- 
quirements. 

Pennsylvania Secretary of | 

Administration Bob Barnett 

last week said the state gov- 

ernment has temporarily halt- 


| ed the installation of the 
human resources modules that 
| are part of a planned state- 


wide SAP R/3 implementa- 
tion. The go-live date on those 


applications was pushed from 
next month to January. 

The delay underscores the 
findings of a report that’s be- 
ing released today by Nucleus 
Research Inc. in Wellesley, 
Mass. In the re- 
port, which was 
based on inter- 
views with 21 of 
SAP’s customers, Nucleus said 
returns on investment can be 
hard to achieve on R/3 roll- 
outs —- especially when users 
customize the applications. 

According to Nucleus, 12 of 
the 21 users said they hadn’t 
achieved an ROI after working 
with R/3 for an average of 
nearly three years. In particu- 
lar, said Nucleus analyst Re- 
becca Wetteman, companies 


that customized R/3 slowed 
down their deployments and 
increased their costs. 

But SAP users aren’t alone 
in facing such challenges, said 
Wetteman. Nucleus recently 
released similar reports about 
users of Siebel Systems Inc.’s 
customer relationship man- 
agement software and i2 Tech- 
nologies Inc.’s supply chain 
applications. 

In Pennsylvania, work has 
bogged down on SAP’s payroll 
application. Barnett said the 
software itself isn’t the prob- 
lem. But, he added, it required 
tweaking to handle thousands 
of work schedules and hun- 
dreds of pay grades for the 
state’s 80,000 employees. 

The ERP system is also re- 
quiring more extensive train- 
ing for end users than expect- 
ed, Barnett said. In addition, 
more testing is needed to en- 
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sure that the payroll software 
can interoperate with a sepa- 
rate accounting system used 

by the state treasurer’s office. 

Despite the payroll setback, 
Barnett said Pennsylvania “is 
going on a faster timetable 
than others doing a major 
project like this.” The project 
also involves the ongoing in- 
stallation of financial, pro- 
curement and other applica- 
tions to replace a variety of 
homegrown and third-party 
products. 

William Wohl, a spokesman 
for SAP America Inc. in New- 
town Square, Pa., said the soft- 
ware vendor was encouraged 
by Pennsylvania’s decision to 
slow down the payroll installa- 
tion. “They are setting an ex- 
ample to other state govern- 
ments to learn to take their 
time and do it right,” he said. 

In response to the Nucleus 
report, Wohl acknowledged 
that R/3 projects can be com- 
plex — not because of the 
software itself but because 
ERP rollouts usually require 
“a whole new way of thinking” 
about business processes. DB 





Oracle Modifies Pricing, 
Bundling of Applications 


requirement 


BY MARC L. SONGINI 


enterprise applications, Ora- 
cle Corp. last week announced 
new software licensing terms 
that it said will make it easier 
for users to qualify for the flat- 
fee pricing the company put in 
place 14 months ago. 

But Oracle is also removing 
some products from the soft- 


flat-fee approach, which lets 
users license a set of the com- 
pany’s E-Business Suite appli- 





cations for a single price. The 
modules being excised, which 
are primarily user self-service 
tools in areas such as human 
resources, will now have to be 
bought separately, Oracle said. 
On the plus side, Oracle is 


eliminating a requirement that 


| customers spend at least 
| $250,000 to qualify for the all- 


encompassing pricing. It’s also 
reducing from 20% to 10% the 
minimum number of employ- 
ees for which a company 
needs to buy licenses. 

“We've streamlined [the 
pricing] and made it more 
flexible, not only for smaller 
customers, but [also for] larg- 
er customers,” said Jacqueline 
Woods, vice president of glob- 
al practices at Oracle. 

Company officials decided 
that the previous user-licens- 
ing minimum “was more than 
the market could handle un- 





der the current economic con- 
ditions,” Woods said. 

The changes could help 
some companies reduce their 
licensing costs, Woods said 
(see chart). But users will still 
be able to buy any of Oracle’s 
applications on an individual 
basis if that’s less expensive 
than the flat fees are, she said. 

In addition to the pricing 
changes, the company re- 
named the software E-Busi- 
ness Suite 2003. 

At the independent Oracle 
Applications Users Group 
(OAUG) in Atlanta, the jury is 
still out on the new pricing 
scheme. “We have to keep in 
mind the global aspect of this 
and wait for input from mem- 
bers,” said Pat Dues, an OAUG 
board member who works as a 
project officer at the Las Ve- 


FOR A COMPANY WITH 200 EMPLOYEES 


OLD PRICING 


It was required to buy at least 
eR Tirso mm CUM OTe eRe 
ee TORU OM aur 
wouldn’t have met the 
$250,000 spending minimum. 


It can buy as few as 20 
Professional licenses for 
$79,900, and it won't surpass 
it's former cost of $250,000 
TRIG Slt eo oR [ety tio 





gas city manager’s office. 

Frank Milano, CIO at Terra- 
con Inc., an engineering con- 
sulting firm in Lenexa, Kan., 
said he may consider using the 
new licensing approach if he 
expands his installation of Or- 
acle’s enterprise resource 
planning applications. 

“As a CIO, I always think 
that their pricing is too high,” 
Milano said. But the licensing 
changes make it look like Ora- 
cle is “starting to become mar- 
ket-driven,” he added. 

Like SAP AG, Oracle has 
had a mishmash of pricing 
structures because it offers 
such a wide range of applica- 
tions, said Joshua Greenbaum, 
an analyst at Enterprise Appli- 
cations Consulting in Daly 
City, Calif. The flat-fee pricing 
scheme was designed to ad- 
dress that, but Greenbaum 
said the $250,000 minimum 
buy-in figure was a deterrent 
to smaller companies. D 


James Niccolai of the IDG 
News Service contributed to 
this report. 
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Gartner: Business Units to Get 
More Control of IT Spending 


Some IT execs say it’s already happening 
and view it as a positive development 





BY THOMAS HOFFMAN 
SAN DIEGO 
ARTNER INC. ana- 
lysts last week pre- 
dicted that business 
units will gain con- 
trol over a majority of discre- 
tionary spending on technolo- 
gy this year. If that happens, it 
could force IT departments to 
meet project milestones set by 
business managers before they 
get funding to pay for addi- 
tional work. 

Some attendees at Gartner’s 
Symposium/ITxpo 2003 con- 
ference here said they don’t 
expect that scenario to play 
out in their organizations, at 
least in the short term. But 
other IT executives said they 
have already seen the trend 
emerge — and it has been to 
their advantage thus far. 

“T’m already seeing some of 
that occur in our organization, 
and it’s helpful,” said Craig 
Betts, director of enterprise 
resource planning and distrib- 
ution technology at Sierra Pa- 
cific Resources in Reno, Nev. 
Although Sierra Pacific has 
shifted control of IT spending 
only to a few business units, 
Betts said the change has 
helped his company’s IT de- 
partment by giving business 
managers responsibility for 
planning and overseeing IT 
project requirements. 

“When we own everything, 
I have to handle the budget, 


and if the business units aren’t | 


aligned with IT, they hand 
everything over to us,” Betts 


Peco rerreccscesecescseeseseeees 


Correction 

The March 17 article “Getting 
Started with Linux” stated that 
The Weather Channel Interactive 
Inc. migrated to the Tomcat 
open-source application server in 
dune 2000. The migration didn’t 
take place until June 2002. 


| communications 





said. Without direct input 
from business leaders on their 
IT needs, keeping require- 
ments-planning efforts on 
track is “a shot in the dark,” he 
added. 

An IT spending shift also 
has started at Industrie Cana- 


| da, the Canadian department 


of commerce. That’s accord- 
ing to Sean Barr, industry sec- 
tor officer for the agency’s 
Spectrum, Information Tech- 
nologies and Telecommunica- 
tions Gateway division, which 
is the Canadian equivalent of 
the U.S. Federal Communica- 
tions Commission. 

“It’s been good for me and 





Other Gartner 
Predictions 
= Underfunding necessary IT 
upgrades today will lead to 
higher costs once the economy 


improves and demand for IT 
products increases. 


® By 2006, 30% of data process- 
ing will be done through utility- 
based computing models that 

let companies pay for computing 
resources as needed. 


our business unit when it has 
occurred, because there’s 
more of a direct path for fund- 
ing,” Barr said. “But I can see 
how this could be a problem 
for other CIOs.” 

Car! Schulz, an IT consul- 


'Omgeo Readies Web Portal 


For Allocating Stock Trades 


‘Tool potentially 
reduces manual 


BY LUCAS MEARIAN 
NEW YORK 


| Omgeo LLC this week plans to 


begin beta-testing a Web- 
based tool aimed at boosting 


straight-through processing of 


trades between brokerages and 
investment managers by elimi- 
nating the need for the firms 
to communicate via fax and 
telephone to allocate shares. 
Boston-based Omgeo, which 
offers an automated trade- 
matching service, announced 
the allocation management 
engine last week and said it 
should be ready for commer- 
cial release by midyear. The 
tool is an end-user portal 
that’s based on XML and Java 
2 Enterprise Edition and will 
be run on Solaris servers with 
BEA Systems Inc.’s WebLogic 
application server software. 
Omgeo officials said at a 





press conference here that in- 
dependent investment man- 
agement firms will be able to 
use the Allocation Manager 
portal free of charge. The 
company, which is jointly 
owned by The Depository 
Trust & Clearing Corp. in 
New York and Thomson 
Financial in Boston, plans to 
charge brokerages about $1 
for each trade they process via 
Allocation Manager. 

David Oxenstierna, an exec- 
utive director at Morgan Stan- 
ley in New York, said that 
could add up to thousands of 
dollars a day. But he added 


| that he’s willing to pay the fee 


in order to streamline the 


; processing of transactions 


with investment firms that 
currently lack automated 


| trade-matching capabilities. 


“To us, [using faxes and 
phones] is an inefficient way 
to process trades,” Oxenstier- 
na said. “It represents [added] 
operational costs and the risk 
of mishandling things.” 





tant at Delta Corporate Ser- 
vices Inc. in Parsippany, N,J., 
said a growing number of 
companies are giving business 
units control of discretionary 
IT spending — the money 
above and beyond what’s 
needed to run day-to-day IT 
operations. Schulz said he has 
also seen business units “place 
their own people in an IT or- 
ganization to oversee spend- 
ing and manage projects.” 

But other IT managers at 
the conference said project 
purse strings either remain in 
their grips or have even been 
returned to them. 

“We started taking back 
control of some IT spending 
that was taking place in busi- 
ness units, where [rogue] ‘IT 
entities’ had cropped up,” said 


Gordon Marchand, vice 
president and treasurer at 
Yeager, Wood & Marshall Inc., 
a New York-based investment 
firm that manages about $800 
million in assets, said he pilot- 
ed Allocation Manager and 
likes its ease of use. For exam- 
ple, the software lets users set 
up drop-down lists of invest- 
ment clients that “can be cus- 
tomized and configured to our 
needs,” Marchand said. 

But Allocation Manager has 
some gaps that need to be 
filled, added Marchand, whose 
firm is among the thousands 
of small and midsize invest- 
ment managers that continue 
to manually transmit trade- 


FEATURES 


A Web-based system that 
investment managers can use 
to electronically submit trade- 
allocation data to brokerages. 


Access to Omgeo’s trade- 
PMO ce URI Ce:\ cad 
system, a database containing 
industrywide trade settlement 
instructions. 
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an IT manager who works for 
a branch of the U.S. military 
and requested anonymity. “In 
some instances, business units 
will receive funding for IT 
projects and direct that to us.” 

Some companies have taken 
approaches that combine IT 
and business-unit control over 
spending. Four years ago, The 
Northwestern Mutual Life In- 
surance Co. began moving to a 
funding model in which busi- 
ness-unit leaders sit on a cor- 
porate planning board that de- 
cides on all discretionary IT 
spending before funding is al- 
located to the IT department. 
That setup “has worked out 
very well for us,” said John 
Hillmer, director of technolo- 
gy services at the Milwaukee- 
based insurer. B 


REAL-TIME CHANGES 


Conference attendees said delivering real- 
time data to business executives requires 
big changes outside of IT: 


QuickLink 37350 
www.computerworld.com 


allocation data to brokerages. 
Omgeo has to add the abili- 
ty to print and save transac- 
tion data to meet the U.S. Se- 
curities and Exchange Com- 
mission’s record-keeping 
rules, Marchand said. Alloca- 
tion Manager also needs to be 
able to automatically notify 
investment managers when 
trades have been executed, 
he said. In addition, major 
brokerages “have to adopt this 
thing,” he noted. “Otherwise, 
we're still going to be in a fax- 
and-phone environment.” 
Omgeo developed Alloca- 
tion Manager with financial 
backing from four brokerages: 
Morgan Stanley, Credit Suisse 
First Boston Corp., J.P. Morgan 
Chase & Co., and UBS War- 
burg. Adam Bryan, Omgeo’s 
president and CEO, last week 
said 21 other brokerages have 
signed up to use the portal. 
Bryan added that he will 
continue to meet with invest- 
ment managers to fine-tune 
the software before it’s made 
available in May or June. Om- 
geo is exploring technologies 
that could be used to send 
trade-execution notices to 
Pagers or via e-mail, he said. D 
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Continued from page 1 


Convergence 


in Oakland, Calif., said the 
health care provider plans to 
test OpenScape in a lab and 
then run a pilot project that’s 
expected to last through year’s 
end. If the software works as 
promised, OpenScape could 
improve productivity for many 
of Kaiser’s 135,000 workers and 
reduce the number of devices 
that the company has to buy 
for them, Crawford said. 
“Taking voice mail, e-mail 
and IM and putting them into 
a portal leverages all the dis- 
parate capabilities we have to- 
day and drives efficiencies,” he 
said. “So my question is, Can 
Siemens really pull it off?” 
Crawford said he needs to 
evaluate how Kaiser’s business 
units would deploy and use 
the product and what it would 
cost to implement. For exam- 
ple, the software could require 
the addition of new Windows 
servers and some restructur- 
ing of the company’s network 
architecture. Kaiser has also 
been approached by a Baby 
Bell offering OpenScape-like 





functionality as a monthly ser- | 


Vendors Offer Tools to Track | 


OpenScape Stands Out, Analyst Says 


Vendors such as Cisco Systems 
Inc., Nortel Networks Ltd. and 
Pleasanton, Calif.-based Poly- 
com Inc. already sell products 
that support some levels of 
communications convergence, 
said Meta Group analyst Chris 
Kozup. But none of those offer- 
ings is as complete as Open- 
Scape is, he added. 

As an example of how Open- 
Scape could be used, Siemens 
Officials said a salesman could 
have voice mail messages from 
a hot business prospect routed 
directly to a device such as a 
pager, smart phone or laptop 
PC. Under that scenario, Open- 
Scape could be set up to con- 
vert the voice mail messages to 
text that would be sent to the 


| vice, Crawford said, declining 


to identify the company. 
Instead of running on con- 
ventional telecommunications 
switches, OpenScape will be 
server-based, Straton said. 
The software will initially 
work only with Microsoft 
Corp.’s forthcoming Windcws 


designated device as an instant 
message or e-mail. Other callers 
would be able to leave only reg- 
ular voice mail messages. 

Douglass Crawford, director 
of network services at Kaiser 
Permanente, said those kinds of 
capabilities could be a boon for 
end users. But he also sees a 
potential downside if message- 
delivery problems occur. 

A voice mail problem can be 
traced to a single source now, 
but a similar snafu that affects 
OpenScape users might involve 
other communications systems 
that are connected to the soft- 
ware, Crawford said. “Complex 
systems have more things to 
break,” he noted. 

~ Matt Hamblen 


Server 2003 operating system. 
But Straton said Siemens plans 
to add Unix and Linux support 
within the next two years. 
OpenScape, which supports 
the emerging Session Initia- 
tion Protocol, is due for com- 
mercial release in September 
at a cost of $400 per user (see 


License Compliance, Usage 


IT managers could 
use software to root 
out unneeded apps 


BY MATT HAMBLEN 

Two software vendors last 
week separately aniounced 
products that IT managers can 
use to track software license 
compliance and to identify 
licenses that are no longer 
needed. 

Novadigm Inc. in Mahwah, 
N|J., released a tool called Ra- 
dia Usage Manager that tracks 
software use on servers, desk- 
tops and laptops. The software 
works with existing Novadigm 
products that manage the de- 
ployment of new applications, 





said George Kellar, Novadigm 


vice president of marketing. 
Meanwhile, Softricity Inc. in 
Boston introduced SoftGrid 
Dual-Mode, a product primari- 
ly designed for use in deploy- 
ing and managing Windows 
and Citrix MetaFrame applica- 
tions. But the technology’s abil- 
ity to track license compliance 
is “icing on the cake,” said a 
spokeswoman for Softricity. 


Big Savings 

Royal and SunAlliance USA 
plans to install Radia Usage 
Manager next year, when 
funding for the project is due, 
said Roger Thibodeau, IT ex- 
ecutive at the property and ca- 
sualty insurer in Raleigh, N.C. 
Thibodeau said he expects to 
save millions of dollars by us- 





ing the Novadigm software to 
find unneeded licenses. 

He based his estimate on a 
laborious manual survey of li- 
cense usage among 7,000 end 
users. The survey, done in Jan- 
uary and February, uncovered 
$500,000 that could be saved 
by not renewing licenses for 12 
of the company’s 131 commer- 
cially licensed applications, 
Thibodeau said. Many users 
had installed applications and 
never used them, he noted. 

Radia Usage Manager will 
be used to examine the re- 
maining 119 applications. The 
manual effort on the first 12 
took a pair of IT workers two 
months to complete. By com- 
parison, the software should 
take only about a day to count 








chart). But Siemens is taking a 
go-slow approach with the 
technology. Straton said the 
company initially plans to lim- 
it marketing to about 50 cus- 
tomers for up to nine months 
of beta testing and trials. 
Chris Kozup, an analyst at 
Meta Group Inc. in Stamford, 
Conn., said one question that 
needs to be answered is how 
scalable OpenScape will be in 
its first release. He noted that 
Siemens is pushing the soft- 
ware for use only by branch 
offices, departments and 
workgroups at this point. 
Straton said the technology 
is being pitched for small in- 
stallations for now because it 
requires a cultural shift that 
could be hard for entire com- 
panies to make. The software 
will initially be able to handle 
up to 500 users per server and 
5,000 in a linked setup, he said. 
Verizon spokesman Bill 
Kula said his company is 
working with Microsoft and 
Sun Microsystems Inc. to de- 
velop some of the same capa- 
bilities that are in OpenScape, 
including connections be- 
tween voice and text messag- 
ing using any device. The 
technology will be used as 


who uses all the other applica- 
tions, Thibodeau said. 

The Northwestern Medical 
Faculty Foundation in Chicago 
will begin rolling out SoftGrid 
Dual-Mode this week for 1,500 
doctors and other users, said 
Julie Otten, the foundation’s 
director of information sys- 
tems. The organization is a 
nonprofit group of doctors and 
health care professionals who 


provide clinical care and are 

& In the past, 
we'd buy 100 

more licenses when 


| we ran against the 


limit, but this way we 
can fine-tune what 
we need to buy. 

JULIE OTTEN, DIRECTOR OF 
INFORMATION SYSTEMS, 


NORTHWESTERN MEDICAL 
FACULTY FOUNDATION 
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part of a service that’s due to 
be announced this spring or 
summer, Kula said. He added 
that Verizon has trials under 
way with internal workers and 
some large U.S. businesses. 

Analyst Kneko Burney at 
In-Stat/MDR in Scottsdale, 
Ariz., expects several tele- 
communications carriers to 
offer converged communica- 
tions services this year. But 
she wouldn’t name any of the 
carriers. D 


OpenScape 
Version 1.0 


CAPABILITIES: Integrates and 
synchronizes messaging, calen- 
daring and real-time collaboration 
tools with corporate applications 


Se eeeececesecesesscsseseees 


SUPPORTED END-USER 
DEVICES: Desktop and laptop 
PCs, handheld devices, cell 
phones and IP phones 


RUNS ON: Microsoft's upcoming 
Windows Server 2003 and 
Greenwich real-time communica- 
tions server software 


Se eeeeeceereceseeseeseseees 


LIST PRICE: $400 per end user; 
due for beta testing in May and 
general release in September 


affiliated with Northwestern 
University Medical Center. 

The Softricity product 
streams applications to users 
from a server instead of in- 
stalling them on end-user PCs. 
That should help in tracking 
the usage of applications, Ot- 
ten said. “In the past, we’d buy 
100 more licenses when we 
ran against the limit, but this 
way we can fine-tune what we 
need to buy,” she said. 

Fred Broussard, an analyst 
at IDC in Framingham, Mass., 
said capabilities similar to 
those developed by Novadigm 
and Softricity are also offered 
by Microsoft Corp., Computer 
Associates International Inc., 
IBM’s Tivoli unit and Altiris 
Inc. in Lindon, Utah. 

But Ronni Colville, an ana- 
lyst at Gartner Inc. in Stam- 
ford, Conn., said Novadigm’s 
technology for tracking soft- 
ware license inventories ap- 
pears to be the most compre- 
hensive now available. D 
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next decade? 
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Feds Test Network to Send Alerts to M.D.s 


BY BOB BREWIN 
The U.S. Department of 
Health and Human Services 
(HHS) has begun testing the 
use of a health care data-deliv- 
ery network operated by 
ePocrates Inc. to transmit 
bioterrorism-related alerts to 
doctors equipped with Palm 
OS-based handheld devices. 
HHS and San Mateo, Calif.- 
based ePocrates launched the 
three-month pilot this month. 
The agency is finalizing the 
data files it plans to distribute 
for the test, said Dr. John 
Whyte, the medical director of 
an HHS panel set up last year 
to explore new technologies. 


alerts if the test is successful. 

About 250,000 doctors and 
450,000 other medical work- 
ers have signed up to use the 


ePocrates network. The com- 

pany stores information about 
prescription drugs in its data- 
base and sends out its own 
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alerts with updated drug safe- 
ty data and news. 

The Atlanta-based Centers 
for Disease Control and Pre- 
vention (CDC), an arm of 
HHS, already operates a net- 
work that distributes informa- 


tion to public-health depart- 
ments. Whyte said the deal 
with ePocrates will let HHS 
quickly send alerts about po- 
tentially threatening biological 
agents to doctors who aren’t 
tied into the CDC’s network. B 
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But HHS could immediately 
send data via ePocrates’ net- 
work if bioterrorism attacks 
occurred, he added. 

Bob Quinn, chief technolo- 
gy officer at ePocrates, said 
that about 10,000 emergency 
room physicians and infec- 
tious disease and primary care 
specialists will participate in 
the pilot. EPocrates plans to 
launch a version of its soft- 
ware for Pocket PC devices in 
April, but Quinn said the doc- 
tors involved in the test will 
use handhelds running Palm 
Inc.’s operating system. 

HHS will transmit alerts to 
ePocrates as Word documents 
in e-mail attachments, Quinn 
said. The company will store 


Executive Briefings currently available: 


Measuring RO! 

A comprehensive look at how to measure an IT project’s 

return on investment and find out if it’s valuable to your 

company. This Executive Briefing will help boost your 
value within your organization and give you the 
tools you need to succeed. 


Smart Storage 
Save time and money by building a storage 
infrastructure that achieves your company’s 


the alerts in a central Oracle 
database and convert them 
into files that can be read by 
Palm devices when doctors 
synchronize their handhelds 
with the database. 

Quinn said ePocrates, which 
runs a mix of Unix and Win- 
dows systems, can tailor infor- 
mation to subscribers based 
on parameters such as medical 
specialty and location. Eventu- 
ally, he added, ePocrates wants 


goals. Many storage systems are built 
piecemeal without a master plan. Stop 
that trend now and take control! 


Security Agenda 

This Executive Briefing details the 
steps you can take to plug gaps in 
your company’s security defenses 
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This complete package gives the 
chief security officer advice on how 
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enterprise. ; 
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to provide HHS with an extra- 
net tool so the agency can 
transmit alerts directly. 
Whyte, who works for the 
HHS Council on Private Sec- 
tor Initiatives to Improve the 
Security, Safety and Quality of 
Health Care, wouldn’t disclose 
the cost of the pilot program 
or say how quickly HHS plans 
to broaden distribution of the | 
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Microsoft Exec Eyes 
Midsize Users for Apps 


gree that SAP has announced aggres- 
| 


Burgum says vendor to 
focus on ‘high-volume’ 
business applications 


BY MARC L. SONGINI 

Douglas Burgum, a senior vice president 
at Microsoft Corp. who heads the com- 
pany’s business solutions division, 
spoke about the unit’s enterprise appli- 
cations strategy during an interview at 
Microsoft’s Convergence 2003 confer- 
ence in Kissimmee, Fla., this month. 





Can you clarify where Microsoft sits 
in the corporate applications mar- 
ket? If you drew a bell curve for 
us, the center is in the midmar- 
ket. We’re not focused on sell- 
ing applications through a di- 
rect sales force to the world’s 
largest corporations. Those ap- 
plications are very expensive 
and require ongoing customiza- 
tion. We’re in the business of high- 
volume, low-price software sold 
through partners. 


Other parts of Microsoft do business with 
rival applications vendors such as SAP and 
PeopleSoft. Is that an issue for your unit? 
We want to work with those folks on 
our [underlying technology] platforms. 
We want them to adopt our tools that 
support XML connectivity and offer 
customers support for .Net. To the de- 


sive plans in the midmarket [with its 
SAP Business One initiative], we will 
find SAP a partner, but also we'll be 
competing with them for customer 
accounts. 


You recently shipped your first customer 
relationship management applications. 
Any misgivings about taking on Siebel 
Systems CEO Tom Siebel? We’re not tak- 
ing him on. He sells directly in deals 
that are worth multiple millions, with 
lots of rich customizations. 
That’s not the market we’re 
pursuing. We see Siebel as a 
strong partner doing nice work 
with our SQL Server database 


and Windows and .Net and our | 


support tools. 


Do you view any of the applications 
that Microsoft has bought over the 
past few years as redundant? No. 
The products won't fade away in any 
near- or midterm time frame. There 
are large customer bases for Solomon 
and Navision and Axapta and Great 
Plains. We’ve got a deep commitment 
{to them] and are planning for the next 
generation. We're not going to try to 
merge those lines together in the tradi- 
tional sense, so much. [But] to some 
degree, the future generation will have 
| a migration path to one single global 
| code base. B 





Oracle Offers to Fund Linux Efforts 


BY JAMES NICCOLAI 

Oracle Corp. last week said it plans to 
pay out about $150 million per year in 
an effort to encourage software ven- 
dors to develop Linux applications for 
its Oracle9i databases. 

“We've heard from our customers 
that the things inhibiting their move- 
ment to Linux are technical support, 
which we addressed last summer, and 
also the availability of applications,” 
said Bob Shimp, vice president of 
Oracle9i database marketing. “So we’re 
providing technical and financial in- 
centives to [software vendors].” 

Oracle will give qualifying software 
vendors $2 for every $1 that they invest 
in developing and marketing Linux 
software, Shimp said. The company 
will also share its customer list with 


vendors and let them market their Lin- 
ux offerings through its Web site. 
Oracle expects to continue spending 
$150 million annually on the program 
for “a number of years,” Shimp said. In 
a related effort, company officials said 
Oracle’s own developers are working 
on proposed additions to the Linux 
kernel aimed at making the operating 
system more suitable for use with Ora- 
cle9i in large corporate applications. 
Ensuring the availability of a broad 
set of applications is a crucial part of 
Oracle’s strategy to use Linux to com- 
pete against Microsoft Corp.’s SQL 
Server database, said Stephen O’Grady, 
an analyst at RedMonk in Hollis, N.H. 3 





James Niccolai writes for the IDG News 





Service. 





SDLT 320: 
THE ULTIMATE BACKUP 
MACHINE. 
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LARGEST CAPACITY 
320 GB — 60% more than the nearest competitor!* 


HIGHEST PERFORMANCE 
32 MB/s - Up to 33% faster!* 


LOWEST COST PER SB 
Up to 46% lower!* 


PROTECTS YOUR INVESTMENT 
Backward compatible to DLTtape™ IV media 


IDEAL FOR AUTOMATION 
Best combination of storage density, performance and 
durability 


BROADEST PLATFORM ACCEPTANCE 
Over 2 million drives and 80 million cartridges sold 


INDUSTRY-LEADING ROADMAP 
First with a path to over one terabyte 
and 100 MB/s* 


See for yourself why the 

SDLT 320 is the highest performing drive on 
the road today! 

Go to 320reasons.com. 
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“When compared to LTO 1, AIT 3 and Mammoth 2 drives. Where mentioned, capacities and transfer rates are compressed. 


©2002 Quantum Corporation. All rights reserved. Super DLTtape and DLTtape are trademarks and the Super DLTtape logo 
is a registered trademark of Quantum Corporation. 





Magic Pixie Dust 
was all the rage. And 


why not? The directions 


said that with one pinch, 


Magic Pixie Dust. 
The miracle everyone 


‘sweet servers would be imbued with 
“always on” capabilities. With another pinch, 
servers would be instantly gilded with more speed 
and performance. The servers would self-configure. They 
would never crash. Every server could connect with every other 
server in existence. Just one problem. The Pixie Dust didn’t work. 

AND THAT’S WHEN THEY CALLED: [8M. 
The IBM @server pSeries™ 650 running UNIX? It can run multiple partitions that 
can be dynamically reconfigured. On demand. It’s twice as 
powerful as the Sun Fire V880 in ERP.’ And unlike Pixie Dust. 


it works. To learn more about the flexible p650 or to locate your The p650. 


The UNIX server 


A . sd everyone has waited for. 
IBM Business Partner, head over to ibm.com/eserver/p650 ™ 


‘IBM eServer pSeries 650 (8 processors, POWER4+, 145 GHz, 1.5 MB L2 cache per 2 processors, 64 GB memory) was certified by SAP on 1/16/03 with the following SAP Standard 4.6C SD application benchmark results: 1,220 SD benchmark 
users, 1.95 sec. average dialog response time, 122,670 fully business processed line items/hour, 368,000 dialog steps/hour, 6130 SAPS, CPU utilization of 98% with DB2 v8.1 and AIX 5L version 5.2. Sun Microsystems Sun Fire V880 (8 processors, 
UltraSPARC Ill, 900 MHz, 8 MB L2 cache, 32 GB memory) was certified by SAP on 6/17/02 with the following SAP Standard 4.6C SD application benchmark results: 600 SD benchmark users, 1.96 sec. average dialog response time, 60,330 
fully business processed line items/hour, 181,000 dialog steps/hour, 3,020 SAPS, CPU utilization of 99% with DB2 v7 and Solaris 8. Results posted at http:/www.sap.com/benchmark. 2U.S. list price as of 2/28/03 for p650 Express Configuration 
with AIX 5L, 2-way 1.2 GHz POWER4+-. Prices are subject to change without notice. Reseller prices may vary. IBM, the e-business logo, AIX 5L, DB2, eServer, POWER4+, pSeries and e-business on demand are trademarks or registered trademarks 
of International Business Machines Corporation in the United States and/or other countries. UNIX is a registered trademark of The Open Group. Other company, product and service names may be trademarks or service marks of others 


©2003 IBM Corporation. All rights reserved. 





Powerful magic prevents and 
repairs server crashes. 


Optimization? Sprinkle on 
server three times a day. 


Currently unrated in performance. 


Could be the greatest idea 
in the history of IT. 


Not available through IBM. 


Doesn’t actually exist. 


IBM @server pSeries 650 


Powerful self-healing technology 


helps prevent server crashes. 


Partitioning? Built in. 


‘Twice as powerful as the 


Sun Fire V880 in ERP’ 


Could be the greatest idea 
in the history of UNIX. 


Available through IBM and 
IBM Business Partners. 


2-way starts at $31,495" 


© business on demand 
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MARYFRAN JOHNSON 


Standards Stupidity 


IVEN THE CHOICE of watching paint dry | tion for the Advancement of Struc- 
or paying attention to the techno-political 
infighting that goes on within industry 


standards bodies, most of us would opt for 


the paint. But when there’s 
big trouble brewing over 
Web services — between 
the Web’s leading stan- 
dards organization and the 
dominating duo of IBM 
and Microsoft — it’s time 
to take notice. 

Last week, Microsoft 
dropped out of a working 
group at the World Wide 
Web Consortium (W3C), 
opting, as IBM has, to go 
its own way in develop- 
ing a “choreography” standard for 
Web services. This is bad news for 
future users of products depending 
on this particular standard to inter- 
operate. 

“The most controversial area in 
Web standards now is the choreogra- 
phy or orchestration of the services,” 
says Eric Newcomer, chief technolo- 
gy officer at Iona Technologies Inc. 
and an active member of the W3C. 
“It’s about how to combine them 
rapidly and change the combinations 
to change business processes quickly 
and create affordable integration.” 

If Microsoft's latest move was the 
only point of standards contention, 
we could all go back to watching that 
paint dry. But similar fractures have 
taken place in both the Web services 
security and messaging arenas. For 
example, there are two camps push- 
ing a Web service specification for 
reliable messaging. The original spec, 
published in January by Oracle, Sun 
and others, now has a rival from IBM, 
Microsoft and their supporters. 

Whose offering is better? Does it 
matter? The key reason to standard- 
ize is to create a common base of 
technology from which industry 
players can then innovate and com- 
pete, leaving customers to enjoy an 
array of product choices. 

The last place we need another 





pointless, stupid stan- 
dards battle is in Web ser- 
vices. Did vendors learn 
nothing from the Unix 
wars of a decade ago? 
From the tangled mess 
that client/server became? 
The first phase of set- 
ting Web services stan- 
dards went uncommonly 
well, with the swift estab- 
lishment of the core tech- 
nologies of XML, SOAP, 
, WSDL and UDDI. But this 
second phase we’re now in — where 


| security and reliability must be ad- 
dressed — is collapsing into a mud- 


dle of conflicting vendor agendas. 


“It’s easy to agree on the low levels of | 
| the technologies,” Iona’s CTO points 


out. “But where you get to real busi- 


| ness value, it’s harder to get agree- 
| ment [among the vendors].” 


Adding to the complexity of it all is 
the proliferation of standards groups 


| circling their wagons around Web 


services. Along with the influential 


| W3C, there’s OASIS (the Organiza- 





tured Information Standards), the 
IETF (the Internet Engineering Task 
Force) and the newest one, the WS-I 
(the Web Services Interoperability 
Organization). 

Despite these widening cracks in 


| the Web services foundation, there is 


still hope rising around the integra- 


| tion possibilities and potential busi- 


ness benefits. Major companies in 
every industry are rolling out Web 


| services products, albeit cautiously. 
Forrester Research surveyed 292 CIOs | 
| last summer and found that only 30% 


had active Web services projects un- 
der way. IDC pegs last year’s Web 
services market at about $416 million 
but predicts that by 2006 it will blos- 
som into a $2.9 billion market. For 


| Web services to really take off, how- 


ever, key standards must be in place. 
“Everyone, from vendors to cus- 

tomers to standards bodies, wants to 

see Web services succeed, in view of 


| the key role they are destined to play 
| in enterprise architecture,” a Gartner 


analyst pointed out in a recent re- 
search note. 

That’s certainly true for the cus- 
tomers, and it’s likely true for the 


| standards bodies. But the jury is still 


out on the vendors, especially IBM 
and Microsoft. D 





“T'mM GONG To BE LATE TONIGHT, 
HONEY, T HAVE TO FINISH THAT RePoRT 
ON \T BURNOUT FOR TOMORROW. ” 
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Security 
Lessons 
From Israel 


NE OF THE differ- 

ences between how 

Israeli and American 
companies handle IT securi- 
ty is simple: seriousness. We 
have yet to treat IT security 
as a paramount issue. But 


as the U.S. enters a time of 
heightened threats, we can adapt 
some Israeli lessons for our own 
purposes. 

Every corporation must have 
someone who reports to the chief se- 
curity officer and has overall respon- 
sibility for the security and protec- 
tion of hardware. Routers, switches 
and storage devices must be invento- 
ried and supervised against tamper- 
ing or theft. 

Security for PCs 
and local communi- 
cations networks 
must be assured 
through best prac- 
tices and personal 
attention. Israel has 
no companies the 
size of those in the 
Fortune 500, and 
that smaller size 
makes it easier for 
security officers at 
Israeli firms to monitor IT opera- 
tions. Still, the consequences of even 
a minor attack on Israeli IT infra- 
structure are potentially so deadly 
that greater security awareness is 
essential. 

Companies need to treat software 
security as a separate discipline, with 
dedicated reviews and vendor certi- 
fications. If vendors can’t help build 
and verify security for their prod- 
ucts, look elsewhere. 

Communications security should 
not take second place — indeed re- 
dundant telephone and data systems 
should be tested on an random basis 
and fully integrated into the IT secu- 
rity plan. 

A careful and up-to-date review of 
legal and contractual obligations re- 
lated to IT security should be built 
into a corporate curriculum designed 
to protect hardened IT assets. 

An advantage Israeli firms have is 
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the flow of IT talent between the 
armed forces and the private sector. 
This gives companies a ready supply 
of well-trained, experienced person- 
nel, many of whom have formed long- 
term working relationships with their 
military colleagues. While U.S. com- 
panies may not be able to call upon 
military personnel, they can promote 
industry associations, support work- 
ing groups and build corporate part- 
nerships for IT security. They must 
move from competing in IT security 
to cooperating. 

Companies must produce a review 
of computerized data systems and or- 
ganize damage assessments and re- 
covery plans in the event of an attack. 
Israel’s constant exposure to external 
threats has bred planning for the 
worst with sophisticated IT skills. 
U.S. IT managers must form relation- 
ships with U.S. government officials 
so that both sides understand the oth- 
er’s needs. 

Finally, it’s time companies send a 
signal to IT personnel by funding 
diploma-level course work for securi- 
ty. Who knows, maybe the U.S. gov- 
ernment will give its stamp of ap- 
proval to security education, similar to 
what Israel’s Ministry of Education 
does, by funding student loans. It’s 
time to get serious. D 


Building 
Confidence in 
‘Tough Times 


FEW YEARS of down- 

sizing, belt-tightening 

and fanatical attention 
to ROI have tested IT profes- 
sionals’ patience and confi- 
dence. Many have been 
through tough economic 


times before, and they’re cop- 
ing reasonably well. But they’re not 
dealing as well with fears of terrorism 
and concern about the Iraq war. These 
have left most people confused and 
uncertain and searching for sources of 
stability and comfort both at work and 
at home. 

How much can an employer help? A 
lot, it turns out. This column has fo- 
cused on successful IT management 
practices for four years, and a glance 
backward reveals a treasure trove of 
practical strategies and ideas ripe for 


today. They needn’t be an- 
chored in altruism; they’re 
all profitable business prac- 
tices within the grasp of 
any employer. 

The power of process. You 
may think that the recent 
attention to project man- 
agement practices is being 
driven strictly by budget 
controls, risk aversion and 
a desire to reduce complex- 
ity. But think again. Doing 
things in a routine, pre- 
dictable manner builds fa- 
miliarity and confidence, 
which IT workers are crav- 
ing right now. What better 
antidote for stress than working with- | 
in a system of well-defined beginnings 
and endings, systematic approaches to | 
managing portfolios of concurrent 
projects, and stringent attention to 
communication and collaboration is- 
sues, especially when problems arise? 

Organizations should be investing in 
project management as a key strategy 
(as well as corporate cultural beacon) 
to become more adaptive, responsive 
and profitable in a rapidly changing 
business environment. Best practice: 
Organize project management offices, 
staffed by both business and IT work- 
ers, and make them responsible for 
training workers. These offices would 
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find ways to incorporate 
project management into 
daily routines and serve as 
project management infor- 
mation repositories. 
Focus on transition issues. 
Business leaders are noto- 
rious for undermining 
change initiatives by fail- 
ing to anticipate who will 
have to let go of what and 
for not adequately prepar- 
ing their workers for the 
psychological and emo- 
tional adjustments needed 
in new situations. Look no 
further than recent heavy- 
handed workforce reduc- 
tions and the deep resentment still 
palpable among those workers who 
kept their jobs. 

The management challenge is to get 
people to stop doing things the old 
way, which requires attending to ex- 
tremely unsettling personal stuff in 
projects, workload, pay and careers. 
That can’t be accomplished imperson- 
ally. Required road map: Managing 
Transitions: Making the Most of 
Change, by William Bridges. 

Pay attention to retention. Lack of com- 
mitment is the major reason you lose 
good people, or at least see their pro- 
ductivity decline. Among the top 20% 
of your best performers (the ones you 


Tass 








can’t afford to lose), some are bound 
to leave, even in a rotten economy. 
Everything that binds them to their 
jobs and to their employer needs to be 


| unearthed and deftly managed, espe- 


cially now that they are frustrated by 


| increased workloads. Build their loyal- 


ty with thoughtful, well-executed re- 
tention strategies and a willingness to 
listen and continually recalibrate. 
What you do with the other 80% is ar- 
guably less important. 

Character and ethics matter. How we 
handle ourselves and treat others is 
even more important in unsettled 
times, because perceptions are more 
emotionally charged. Ethical issues 
aren’t simply about right and wrong; 
they’re about making tough choices in 
a brutal world. Your superiors, cus- 
tomers and peers take character and 
ethics into account far more than you 


| realize. Required reading: Daniel 


Goleman’s books about emotional in- 
telligence and the writings on ethical 


| issues in engineering by Hiram Col- 


lege ethics professor Kenneth Alpern. 

Confident people perform at higher 
levels. That’s the kind of ROI you can’t 
ignore. D 
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Forgotten Father 


NE PERSON who seems to 
have been forgotten about in 
the operating system history “The 
Story So Far” [(QuickLink 36541] is 
the late Gary Kildall, whose CP/M 
was the predominant microcom- 
puter operating system of the 1970s 
and is generally regarded as the 
core of MS-DOS. He was the true 
father of modern computing. 
Fred Cooper 
Saratoga Springs, N.Y. 


Looking Past RO! 


IVEN THE FACT that the major- 

ity of costs associated with IT 
investments will occur during oper- 
ations (and not during the tradition- 
al investment period of design and 
building), | wish all those calculat- 
ing ROI loads of luck [“The Next 
Chapter: ROI,” QuickLink 35584]. 
Please tell me where the invest- 
ment stops? Financial manage- 
ment of IT is truly essential and 





easier than most people think. A life 
cycle approach is essential, how- 
ever. Well-published approaches 
are those of John Thorp and Dan 
Remenyi. 

Egon Berghout 

Professor of business and ICT, 
University of Groningen, 
Rotterdam, Netherlands, 
e.w.berghout@eco.rug.nl 


Not a Strong Suit 


LTHOUGH IT IS TRUE that many 

times management refuses to 
perform due diligence on IT invest- 
ments, | must point out that some IT 
shops refuse to even provide ade- 
quate information to make an in- 
formed decision [“Save the Suits 
From Themselves,” QuickLink 
36692). 

| spent several years working on 

a major upgrade/conversion. When 
business representatives were final- 
ly allowed to initiate an open discus- 
sion where all of the options could 
be presented, we found that the CIO 


| ture for the same reason that many 





had slipped in ahead of us and 
“presold” the sponsors with 
promises that were never kept. That 
ClO moved on before the system 
went live and before the business 
could see exactly what it had in- 
vested in. There must be an honest 
representative involved in the 
process who has the best long- 
term interests of the business in 
mind and not just his résumé. 
Chuck Houle 

Senior consultant, Impac, 
Portland, Ore. 


Trapped in NT 


Y BUSINESS is staying on 
NT 4 for the foreseeable fu- 


others are - it’s stable and reliable 
and runs within the footprint of our | 
existing server hardware [Quick- 
Link 36543]. Wehad considered | 
upgrading to Windows 2000, but 

that option vanished pretty quickly 
when XP was released; Windows 





2090 suddenly became unavail- 


able from local resellers. Many of 
our applications would survive the 
transition to Windows 2000, but 
new versions would be needed to 
go to XP. The cost of application 
upgrades, faster servers and larger 
storage makes the trip to XP across 
the board prohibitive for now. So in 
a sense, we are trapped - and your 
article suggests that we have lots of 
company. 

Gregory Latiak 


Consultant, Toronto 


COMPUTERWORLD welcomes 
comments from its readers. Letters 
will be edited for brevity and clarity. 
They should be addressed to Jamie 
Eckle, letters editor, Computerworld, 
PO Box 9171, 500 Old Connecticut 
Path, Framingham, Mass. 01701 

Fax: (508) 879-4843 

E-mail: letters@computerworld.com. 
Include an address and phone num- 
ber for immediate verification. 


More letters on these and other 
topics are on our Web site: 
computerworld.com/letters 





EMC REDEFINES EMC 
HIGH-END STORAGE. 
AGAIN. 


INTRODUCING 
DIRECT MATRIX 
ARCHITECTURE. 


ONLY SYMMETRIX 
DMX HAS IT. 


EMC’s new Symmetrix DMX series with Direct Matrix Architecture. 

4 times the internal bandwidth and 10 times the cache bandwidth of any other storage system. 
100% software compatibility. Unprecedented application performance, protection and availability. 
And ail with surprising affordability. Now high-end storage has a new high end. 

emc.com/dmx or call 1.866.symm.dmx/1.866.796.6369 


EMC’, EMC, and Symmetrix are registered trademarks and Direct Matrix Architecture and where information lives are trademarks of EMC Corporation. 
All other trademarks used herein are the property of their respective owners. © 2003 EMC Corporation. All rights reserved. 





TECHNOLOGY = 


Q&A 


Making the Connection 

Netegrity CTO Deepak Taneja (left) 
discusses the future of identity and 
access management technologies in 

an environment transformed by the 
Internet and in which the definition of 
an application is changing. Page 34 





SECURITY MANAGER’S JOURNAL OPINION 

Porn Policy Collars a | Scope Creep and 

Million-Dollar Customer Exchange Server 2003 

Vince Tuesday decides that strict policies | Realizing the full benefits of Micro- 
against pornographic e-mail messages | soft’s latest e-mail server software will 
will have to bend a bit when one offender | require much more than just upgrading 
turns out to be a rep for his company’s existing e-mail servers, writes Robert L. 
best customer. Page 40 Mitchell. Page 42 
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UNNING MISSION-CRITICAL APPLICATIONS on an 
unproven operating system is too dicey for many 
corporations to stomach. But three trailblazers now 
running Windows 2000 Datacenter Server say they 
had good reasons to consider it. 

Microsoft Corp.’s Windows Datacenter Program calls 
for well-established hardware makers to sell, support and 
test the product in configurations guaranteed to produce 
the sort of reliable and stable results that customers of 
rival Unix systems expect. 

And Windows Datacenter Server is a logical considera- 
tion for companies using Microsoft software, particularly 
those pushing the limits of eight-way boxes running SQL 
Server on Windows 2000 Advanced Server. Datacenter 
Server scales to 32 processors, and its license allows for as 
many partitions as desired on a single physical server. 

So far, the only choice for a 32-way box has been the 
ES7000 from Unisys Corp. in Blue Bell, Pa. But three early 
adopters who were glad to find the ES7000 say their Data- 
center-based systems have largely delivered on the 
promise of high availability, scalability and reliability. 


“Datacenter is basically Advanced Server on steroids,” says Mary Kay’s ;ORR : z MARY KAY CONSOLIDATES SOL 


Users say they've experienced a few sm ctrka be. Adtbon, om penne a 


HOLLENBECK 


ya ES7000 server in April 2001 to cope with the explo- 


glitches, butthe high-end operating system — "Uistsserhertsomine orgs peo: 
ucts manufacturer and distributor had clustered four-way 


has largely delivered on its reliability and servers upgraded processor and shied from Windows 


NT to Windows 2000 Advanced Server. 


scalability promise. By Carol Sliwa smmmganintompena etn 


Database replication was gobbling up resources. Single- 


Sie : - , user interactions could trigger requests to multiple data- 
% eis : base servers, slowing the network. And Mary Kay was 
: : ; — ao outgrowing servers before its leases were up. 
Fe 5 BS Se aes ae The company went live in June 2001 with its ES7000, ini- 
. : 3 cette tially on Windows Advanced Server. Using Unisys tools, IT 
= 3 i staffers carved up the 32-processor, 32GB frame into four 
§ i i eight-CPU partitions and configured them as two clusters: 
; | ‘ one for SQL Server 2000 production databases and the oth- 
% nam ate er for testing, staging and fail-over. 
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Mary Kay was able to consolidate four production 
database servers to two, but it soon needed more 
horsepower and shifted to Windows Datacenter in 
April 2002. Administrators converted the four eight- 
way partitions to two 16-CPU, 16GB partitions: one for 
the production SQL Server and the other for backup. 

“Datacenter is basically Advanced Server on 
steroids,” Koeneke says. “It’s the same operating sys- 
tem. It just has gates opened up that let you manage 
large servers.” 

Consolidating to a single SQL Server instance for 
e-commerce improved performance and eliminated 
redundant databases and replication headaches, says 
Koeneke. Processing capacity went from 1,800 orders 
per hour to more than 3,000. And Koeneke says prob- 
lems were scarce and insignificant compared with 
prior Windows versions. 

Mary Kay purchased three more ES7000s last year 
for a supply chain initiative. One has a 16-CPU in- 
stance of SQL Server and two eight-CPU partitions of 
BizTalk Server. Another has SQL Server running on 12 
CPUs, clustered to the 16-CPU SQL Server on the oth- 
er box, and five four-way partitions for Mary Kay’s J.D. 
Edwards & Co. enterprise resource planning (ERP) 
system. The third box is for development and testing. 

Plans call for the BizTalk and ERP database servers 
to be consolidated. Koeneke says he also hopes to 
run a four-way Datacenter cluster with three active 
16-way nodes and one passive 16-way node hosting 
all of the company’s databases. 

Koeneke says he isn’t convinced that total cost of 
ownership is cheaper with Datacenter Server than it 
would be with Unix, but given Mary Kay’s commit- 
ment to Microsoft products, Datacenter made sense. 
His only gripe is with the Datacenter program, which 
Microsoft is revamping. Under the existing program, 
the hardware provider is supposed to be the single 
point of contact for problems, yet Koeneke says he 
often waits for answers as vendors point fingers. 

Koeneke would also like more choice in the sub- 
systems that attach to his Datacenter Server beyond 
those in the exact configuration Unisys tested. “They 
tell us how great everyone gets along and that we 
have one throat to choke,” he says. “But the reality is 
we get total certification on a solution provided by 
one OEM. Our flexibility is limited.” 





PREMERA DOWNSIZES 


remera Blue Cross in Mountlake Terrace, Wash., 
, wanted to replace the homegrown, mainframe- 

based core systems suite that its 3,000 employees 
used to administer membership, enrollment and 
claims. The $3 billion health insurance company, with 
1.4 million members in the Pacific Northwest, already 
used Windows on the desktop; has about 450 Win- 
dows servers running e-mail, file-and-print services 
and various applications; and planned to use Micro- 
soft’s development environment. 

CIO Alan Smit says he saw an opportuni- 
ty to focus on a single vendor, even though 
he shared the general industry skepticism 
about Microsoft’s ability to support enter- 
prise transaction processing. 

Careful analysis of the technology, bench- § 
marks and Datacenter program helpedease a 
his concerns. So did the Windows-based 
client/server claims and membership ad- 
ministration system Premera bought from 
TriZetto Group Inc. in Newport Beach, Calif. 

In July 2001, Premera went live with two ES7000s 
running Datacenter Server — one 32-way system and 
one 16-way box in a clustered, fault-tolerant configu- 
ration. IT staffers created an eight-way partition on 
the 32-way box to run SQL Server and used a clus- 
tered eight-way partition on the 16-way box as a fail- 
over system. That paid off late last year when a mem- 
ory problem caused the active server to crash. Users 
noticed only a 20-second slowdown as the second 
node took over the workload, says Bob Crownhart, 
an IT director at Premera. 

Premera now has 172,000 members 
loaded into the Datacenter-based system 
and has been running nonstop since August, 
when it took down the system to address a 
hardware problem, says Crownhart. 

The company plans to move to 16-way 
partitions as it scales to more than 1 million 
members. “Knowing we can scale beyond 
eight-way partitions is the biggest comfort. cio 
That’s what we needed to convince our- 
selves that we could scale to 1.4 million 
members and beyond,” Crownhart says, not- 
ing that the target completion date is 2005. 

Premera is also looking to shift online analytic 
processing from its mainframes to Datacenter Server. 
“The fewer platforms I have to support, the better,” 


Smit says. 


FIRST AMERICAN MAXES OUT 


g irst American Title Insurance was pushing CPU 
™ utilization in its eight-way Compaq ProLiant 

= database servers to over 90% when it decided to 
convert to a 32-way Unisys ES7000 running Win- 
dows 2000 Datacenter Server. 

At the time, the Santa Ana, Calif.-based insurer 
was halfway through the rollout of its homegrown 
First American Software Technology (FAST) Trans- 
action System, a consolidated title and escrow sys- 
tem for 10,000 users in 1,200 offices, says CIO Larry 
Godec. Tuning the application to make fewer data- 
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base calls was one way to solve the problem. Porting 


| the database server to Unix was another possibility, 


but that would have meant an extra six months to 
rewrite application code in Java, says Godec. 

Yet another choice was splitting the database and 
creating a number of regional databases. However, 
Godec frowned on that option from a support and 
maintainability standpoint. 

First American was adding hundreds of users each 
week and didn’t want to stop the rollout’s momen- 
tum, so it turned to a bigger box for its application’s 
SQL Server 2000. 

Godec figured that switching to an 
ES7000 wouldn’t stop the rollout for more 
than a few weeks. Coordinating the setup 
with Unisys, Microsoft and EMC Corp., 
which was supplying a storage-area net- 
work, required about six weeks. The con- 
version itself took 12 to 16 hours. 
rs But the rush through the migration proc- 
ess wasn’t without incident. A bad ES7000 
CPU caused a business interruption, and in- 
correct settings caused two more outages, 
Godec says. He advises users to make sure 
all processors are burned in appropriately and all 
settings are triple-checked before going live. 

As the system load soared, First American encoun- 
tered a problem with the Datacenter Server’s sched- 
uler, which is part of the operating system’s kernel. 
The operating system froze when the scheduler 
backed up under extremely heavy load, Godec says 

“Adding that number of users that quickly to a sys- 
tem, you're going to find the stress points pretty 
quick,” he says. 

Microsoft tested the application to identi- 
fy the problem and developed a more effi- 
cient scheduler that will ship in April with 
Windows Server 2003, Godec says. First 
American plans to upgrade as soon as it can. 

In the meantime, turning off the affinity 
setting, which can dedicate processors to a 
specific system, such as the operating sys- 
tem or the database, has helped to offload 
some of the work from SQL Server and re- 
duce the overall load, Godec says. Reducing 
the frequency of the database monitoring 
and replication on the EMC storage system 
also helped, he adds. 

Unlike other companies that partition their 
ES7000s, First American has all 32 processors manag- 
ing the workload of the operating system and the data- 
base. Godec says he considered 16-way partitions, but 
uncertainty about the effect on utilization led his team 
to use all the processors and add a second ES7000 at 
its Dallas site for redundancy and fault tolerance. 

The Unisys box now runs at 40% capacity, so First 
American has plenty of headroom, Godec says. And 
he adds that he has been happy with the Datacenter 
Server technology. 

“I would equate the ES7000 to other things that 
I’ve known and run in the past, which include the 
E10000 from Sun, and the Hitachi and IBM main- 
frames,” he says. “It’s every bit as reliable.” 

Godec says he never had a scheduler problem on 
an IBM mainframe, but he has encountered problems 
on large systems where the vendor response has 
been, “You need to upgrade to the new release.” D 
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OU CAN DEPLOY all of the 
firewalls and intrusion- 
detection devices money 
can buy to protect your 
network from hackers and 
malicious code, but when it comes to 
truly knowing what’s happening on 
your network, there’s no substitute for 
digging through system log files. 
Telltale signs that appear in logs offer 
strong indications that you may have 
been hacked, say experts. The follow- 
ing should raise alarms in any IT ad- 
ministrator’s head: long entries of ran- 
dom characters, repeated occurrences 
of “..\”, passwords that have been 
changed by someone using a user ID 
of “O” and a null log-in, unexpected 
configuration changes to systems or 
devices, and a sudden increase or de- 
crease in the number of log messages 
generated, to name just a few. But even 
with these known indicators, uncover- 
ing hacker activity can be difficult. 
“Log analysis is a dirty job,” says 
Chris Kirschke, senior security analyst 
at Santa Clara, Calif.-based Silicon Val- 
ley Bank, where 1,200 users in 27 loca- 
tions create 25GB of log data every 
month. “Logs are where you go to find 
out what has happened,” Kirschke says. 
System logs can differ slightly from 
operating system to operating system, 
but they all follow a general format: 
date/time stamp, IP address of the sys- 
tem, the name of the process that has 
created the log entry and the process 
ID number that is assigned by the sys- 
tem. Knowing the format of a log entry 
for a legitimate event is critical to be- 
ing able to identify red flags. 


TECHNOLOGY 


Digging for Clues 


One expert shows you how it’s done 


Tina Bird, head of IT systems and services at Stanford University, offered 
the examples below last month during a live webcast sponsored by the 


Bethesda, Md.-based SANS Institute. 
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Example 1 


Example 1 shows a log entry from 
a system that's running Solaris as 


| Example 2 


aremote host attempts to connect 


to the network through a process 
called a remote procedure call 


cibcigiebokoid 
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Bird. The random numbers and 
characters that begin on the third 
line are actually data that the at- 
tacker is using to force the vulner- 
able application to generate a 
buffer overflow. “Anytime you look 
at your log data and you find a 
large quantity of random charac- 
ters or nonsense, that’s worth in- 
vestigating,” said Bird. “That's a 
good sign that there’s a buffer 
overflow or an attempt to feed bad 
data into your system.” 

The addition of new user 
names and changes to passwords 
can also be indicators of maticious 
activity on Unix systems. For ex- 
ample, Unix systems often assign 
accounts to legitimate processes, 
such as “mail” or “Web.” 


In Example 3, the perpetrator of 
the buffer overflow has created an 
account named “cgi” using the 
Unix command “adduser.” 


| Example 4 


Then, in Example 4, the hacker 
changes the password. 

What's interesting about the 
last two entries is that the hacker 
uses the user name “cgi” in hopes 
of avoiding detection by posing as 
a legitimate process. In addition, 
the user ID (uid) in Example 3 has 
been set to 0, indicating root-level 





(RPC). 

However, “with this data by it- 
self, we really can’t tell what's go- 
ing on,” said Bird. But it’s in the 
next entry, shown in Example 2, 
where things get interesting and 
start to show signs of a buffer- 
overflow attempt. 


A system log on a Unix machine, for 
example, may have an entry that ap- 
pears legitimate at the beginning but 
contains the remnants of a buffer-over- 
flow exploit at the end, says Chris 
Romeo, an incident response and in- 
vestigative expert at London-based 
Cable & Wireless PLC. 

Although Web server logs aren’t as 
useful to intrusion analysis as system 


A close look at system logs. 
provides clues to spot hacking or 


worm activity. By 


an Verton 


trace 
Evidence 


| Everything following the colon in 

| the first line of the log entry in 

| Example 2 is nothing more than a 

| free-form text message that indi- 
cates an error has occurred, said 





Jan 2 


logs are, there are entries that can tip 
you off to hacking activity. One such 
entry in Web servers running Internet 
Information Server includes multiple 
occurrences of “..\ ..\.” 

Jeff Rovelli, an FBI special agent in 
New Haven, Conn., says identifying 
and locating just such an entry was 
one of the key first steps that led to the 
arrest of a hacker who had used the 
vulnerability to gain access to a major 
e-commerce company’s customer data- 
base for use in a major scam. Here’s an 
example of this type of suspicious 
entry, also known as the Web traversal 
vulnerability: http://host/index.asp? 


| something-..\..\..\..\WINNTsystem32\ 


cmd.exe?/c+DIR+e:\WINNT \*.txt. 


Looking for Back Doors 
Some log entries can also show how a 
worm may be exploiting a back door 
left open by another malicious intrud- 
er. For example, in September 2001, the 
Nimda worm’s incessant scanning cre- 
ated a surge in log activity that should 
have been a red flag to many adminis- 


.| Example 3 


sie si, ide, gid=0 st | 





access to the system. Likewise, 

| the reference in the last line of 
Example 4 - changed by ((null)/0) 
~ indicates the hacker changed 
the password for the account 

| without logging into the system, 

| which is another red flag. 
i - Dan Verton 





trators. Nimda scanned for 16 known 
vulnerabilities, including the Unicode 
and directory traversal vulnerabilities, 
a total of 13 times each. That meant 
that every time a Nimda-infected sys- 
tem tried to infect another system it 
generated 208 log entries. 

But sometimes log entries aren't 
enough. For example, the Slapper Lin- 
ux/SSL worm discovered in September 
2002 exploited a buffer overflow in 
Secure Sockets Layer (SSL) Version 2. 
However, log entries indicating an er- 
ror only show up when the worm 
probes an Apache server running the 
patched version of SSL, says Tina Bird, 
head of IT systems and services at 
Stanford University. But when the 
worm hits a vulnerable system, it 
leaves no evidence in the Apache logs 
or in the system logs, she says. 

Other forms of malicious code, such 
as Trojan horses, can be lurking in 
your systems without showing up in 
log files, according to Mike Geraghty, 
vice president of high technology in- 
vestigations at Newark, N.J.-based Pru- 
dential Financial. Geraghty says it’s im- 
portant to look through the win.ini and 
system. ini files for suspicious executa- 
bies that are being initiated, as well as 
through the registry for odd or unusual 
.exe or .dll files. 

“To understand [malicious] behav- 
ior, you have to understand what the 
normal behavior is,” says Bird. B 
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Introducing Intel’ Centrino” mobile technology. 
The new generation of laptop technology 
engineered to unwire your business. 


Until now, the promise of 
a truly wireless workforce 
has been just that: a 
romise. Intel® Centrino 
remover mObile technology delivers 
on that promise with unprecedented 
levels of mobility for your users 
and an easier deployment for you. 
Intel is working with other 
industry leaders to make 
wireless networking not only 
reliable, but secure. Intel Centrino 
mobile technology is compatible 
and validated with Cisco enterprise 
access points. And Intel continues 
to work closely with VeriSign, 
Check Point Software and 
other leading technology companies 
to optimize security solutions. 
The unwired office starts inside. 


© intel. 
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The link between users and applications is the 
focus for Netegrity’s CTO. By Tommy Peterson 





Chief Technology Officer Deepak Taneja 

is in charge of technology strategy and 

initiatives at Waltham, Mass.-based 

Netegrity Inc., a leader in the burgeoning 
identity and access management market. He recently 
spoke with Computerworld Technology editor Tommy 
Peterson about how the Web has changed the notions 
of identity and access control in corporate computing, 
as well as the definition of an application. Taneja also 
described how Netegrity’s technical focus is shifting to 
match those transformations. 


Identity and access-contro! issues have been around for as 
long as there has been corporate computing, but this particu- 
lar market has emerged in the past four or five years. Why 
now? In the mid-’90s, the Internet caused companies 
to think about putting intranets and extranets in 
place. As these extranets were developed, they pro- 
vided an opportunity for companies like Netegrity to 
come in with technology that delivered security as a 
shared service for the entire extranet. 

The center of gravity for us and other companies 
in the space was Web-based applications, which 
didn’t exist 10 years ago. What’s happened now is 
people have gotten control over their extranet, but 
they’ve got a mess on their hands inside the enter- 
prise. So they’re ... unifying the infrastructure for 
the extranet and the enterprise. They’re rationalizing 
the overall problem of how you connect users and 
principals in general to applications and resources, 
whether they’re Web-based applications or non-Web, 
whether it’s legacy or not, whether it’s enterprise ap- 
plications [or not], portal applications or nonportal 
applications. The real problem is how you connect 
users to those applications. 


How has your technology focus changed in the five years 
you've been at Netegrity? The initial focus was access 
controls and authentication for Web-based applica- 
tions. The user management side of things has be- 
come a whole lot more important. Companies have 
said to us, “It’s great to take a policy-based approach 
to securing applications for the extranet, but help us 
manage our user populations. Help us delegate the 
administration of our user population.” 

We've been pulled in two directions. Customers 





say, “Help us deal with the enterprise problems,” 
which is the provisioning issue, which is user man- 
agement across the enterprise. 

We've also been pulled out of the extranet with 
respect to business-to-business interactions with 
partners, with respect to business-to-consumer is- 
sues and from one Web site to another Web site. The 
real issue there is, How do you deal with partners 
and affiliates, and how do you federate your security? 
So the problem has grown — it’s stretched into the 
enterprise and stretched out to partner sites. 

The other key change over the past few years 
is the shift in distributed computing to a service- 
oriented architecture. The very definition of an ap- 
plication is now changing. This whole space is based 
on connecting users with applications, but the appli- 
cation is no longer the application it used to be. It’s 
not this big monolithic thing. It’s now Web services, 
which are these relatively small things that can be 
reused and integrated. 


How do you differentiate your technology from your competi- 
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tors? How do you say, “This is the way we do it, and it’s dif- 
ferent from the way somebody else does it”? First, a key 
design principal for us is whatever we do, we do 
assuming it’s a heterogeneous environment. So we 
have to support a heterogeneous environment. We’re 
not a Microsoft that can make the assumption that all 
the applications are going to be Kerberos-based. 

Second, the model to us is an end-to-end model. 
It’s not merely about the extranet or about the enter- 
prise or about the partner side. It’s end to end, all the 
way from interactions with partners, interactions be- 
tween users and extranet applications, interactions 
between users and enterprise applications. 

A third issue is integration. A good way to think 
about it is, What do administrators deal with in 
managing this converged infrastructure? We think 
that giving them two different role models, two 
different delegated administration models, two dif- 
ferent workflow models, two different auditing 
models is the wrong thing to do. All audit data goes 
to one place, and there’s a single set of reports that 
people can run. The delegation model is the same 
whether you’re a policy administrator or a user ad- 
ministrator. So provisioning, whether it’s extranet 
user provisioning or enterprise provisioning, is the 
same workflow model. 

Another really important point is the shift to ser- 
vice-oriented architecture. We started thinking about 
XML messaging and Web services security three and 
a half or four years ago. Through our partnerships, 
we are going to broaden our footprint in that area. 
The last point is scalability. We think in terms of tens 
of millions of users and hundreds of thousands of ap- 
plications. We’re not really worried about small com- 
panies here. This is about the needs of the Fortune 
500 and the Global 2000. 


The conventional wisdom is that security is one of the biggest 
barriers to adoption of Web services. How do you specifically 
get over that barrier? The challenge with Web services 
is that the standards are not in place yet. We’ve 
worked very diligently with other vendors to come 
up with SAML [Security Assertions Markup Lan- 
guage], and that’s going to help us on the Web ser- 
vices side. But overall, there’s a lot of potential stan- 
dards battling for attention, and there’s a lot political 
agendas in the mix. And without having standards in 
place, people are uncomfortable putting a Web ser- 
vices architecture in place that’s based on one imple- 
mentation or another. 

Having said that, I think you can get started with 
what already has been standardized to some extent. 
So there’s WS Security; there are companies coming 
up with WS Trust and WS Policy; and Sun has just 


| announced something — they’re working with Fujit- 


su and a bunch of other companies on WS Reliability. 
All this will take time, but the basics are in place. 
WSDL, SOAP, UDDI, SAML — you can get started, 


| and I think a lot of people are starting to do that. 


Overall, I think it 
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the standards come to- 
gether and large com- 
panies feel comfortable 
committing to Web 
services. D 
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Serial ATA 
Takes on SCS! 


Outlook: Serial Advanced Technology Attachment storage 
could replace SCSI for some applications. By Lucas Mearian 


Interface Advantage 


While the ATA drive uses a 40- 
pin interface (bottom), Serial 
ATA devices use a compact, 
seven-pin edge connector with 
aribbon cable that’s just 5/16 
in. wide (top). These drives 
should be faster, require less 
power and allow for more effi- 
cient and reliable array designs. 


| 
| 
| 
| 
| 
| 





ow-cosT Advanced 
Technology Attachment 
(ATA) disk arrays are al- 
ready gaining ground in 
near-line storage and disk-to- 
disk backup applications, but a 
faster class of drive arrays that 
uses the new Serial ATA inter- 
face standard is 
likely to challenge 
SCSI for high-per- 
formance applica- 
tions as well. 

The Serial ATA 
standard, approved in Novem- 
ber by the Institute of Electri- 
cal and Electronics Engineers 

Inc. (IEEE), has several ad- 

vantages over the parallel, 
shared-bus master/slave 
architecture of ATA. 
Serial ATA works at 
lower voltages, and be- 
cause it uses just four data 
lines compared with ATA’s 32, 
it’s 50% faster. It also supports 
hot-swappable drives and ad- 
vanced features such as native 


| command queuing, which lets 


a disk drive make multiple 


| requests for data from the 


processor and rearrange the 
order of the data to maximize 
throughput — a feature tradi- 
tionally available only on SCSI 
and Fibre Channel drives. Fi- 
nally, Serial ATA can support 
up to 128 devices per channel 
(vs. two for ATA and 15 for 
SCSI) and extends the maxi- 
mum supported cable length 


| from 18 inches to 1 meter. 


Serial ATA’s biggest poten- 
tial benefit lies in its price/ 
performance. Analyst compa- 
ny IDC estimates that about 
87% of all drives today use 
ATA. Economies of scale 
have made ATA disk arrays, 
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at 1 to 2 cents per megabyte, 


' much cheaper than SCSI, at 


3 to 5 cents per megabyte. 
Serial ATA disk arrays should 


| benefit from those same 


economies and could displace 
SCSI in small servers and even 


| large storage arrays using the 


emerging iSCSI 
storage network- 
ing protocol. 

“Five to 10 years 
from now, Serial 
ATA with iSCSI 
will be the dominant storage 
model,” predicts IDC analyst 
Robert Grey. 

Serial ATA’s first incarna- 
tion, available in drives and 
controllers, won’t do much for 
end users. That’s because ATA 
disk speeds, at a maximum 
sustained throughput rate of 
about 75MB/sec., can’t use the 
bandwidth increase that Serial 
ATA offers. And initial pricing 
will be about 10% higher than 
for ATA drives, says Jason 
Ziller, chairman of the IEEE’s 
Serial ATA Working Group. 

But manufacturers will ben- 
efit. Serial ATA’s seven-pin 
connector cable, which is 5/16 


| in. wide, replaces ATA’s 40-pin 


ribbon cable, which is 2 in. 
wide, restricts airflow and in- 
creases heat in an enclosure. 





In addition, chips are now 
smaller, and their voltage 
needs are lower than ATA’s 
5-volt requirement. Serial ATA 
requires just 0.5 volt. 

Vendors plan to offer Serial 
ATA disk arrays that deliver 
real performance gains. En- 
hanced specifications are on 
the way. Serial ATA II, due by 
mid-2004, is expected to dou- 
ble transfer rates, and a third- 
generation standard could 
double them again by 2007 
(see chart). 


Best Applications 

In the data center, Serial ATA 
is likely to boost emerging 
ATA disk-based storage appli- 
cations such as near-line stor- 
age and virtual tape servers, 
since the faster bus speed 
works well for streaming data 
and large file transfers. 

As the technology evolves, 
some analysts say ATA disks 
could be used in high-end pri- 
mary storage devices, such as 


| EMC Corp.’s Symmetrix and 


Hitachi Ltd.’s Lightning arrays. 

For the time being, though, 
SCSI and Fibre Channel disks 
have the advantage for storing 
data associated with high- 
performance, online transac- 
tion-processing applications 
because SCSI’s higher spindle 
speeds, at up to 15,000 rpm, 
enable faster access to smaller 
files. And the mean time be- 
tween failures of ATA drives, 
at 500,000 to 600,000 hours, 
still doesn’t stack up to SCSI’s 
1.2 million hours. 

That doesn’t worry Jamie 
Riis, CIO at BayView Finan- 
cial Trading Group LP in 
Miami. The mortgage banking 


| firm uses Network Appliance 


Inc.’s ATA-based NearStore 


| R1OO near-line storage array 


for disk-to-disk backup of its 
e-mail, SQL and Oracle data- 
bases. 
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PRODUCTS 


First Drives 
Ready to Ship 


Serial ATA vendors are be- 
ginning to ship disk drives 
in small numbers, but bulk 
shipments are expected by 
mid-2004. Current and 
planned offerings include 
SERIAL ATA DISK DRIVES 
Western Digital Corp. 

Lake Forest, Calif. 

= The 36GB WD Raptor, a 
a ee 


Seagate Technology LLC 
Scotts Valley, Calif. 

= Barracuda V series drives 
include dual ATA/Serial ATA 
connections. 


Maxtor Corp. 
Milpitas, Calif. 
= DiamondMax Plus 9 Perfor- 
mance device and the 7,200- 
Lupe aceiacipmnlaniee 


Fujitsu Computer Products 
of Americas Inc., San Jose 

@ Shipping 2.5-in. Serial ATA 

hard disk drives in the fourth 

quarter of this year. 


“As long as I have a RAID 5- 
capable system ...so I can get 
quick access to the informa- 
tion, then I’m kind of agnostic 
when it comes to SCSI- 
attached vs. ATA,” he says. 
“Then it really just becomes a 
cost issue for me.” D 


HERE COMES SERIAL SCSI 


Serial SCSI could soon allow mixed 
ATA/SCSI arrays: 


QuickLink 36978 


Living With ATA: BayView Financial 
Trading Group's Jamie Riis discusses his 
company's use of ATA array technologies: 


QuickLink 36977 
www.computerworld.com 


5,400 - 
for 7,200 
Transfer 
rate (MB/sec.) 


Status of 
standard 


100 


Final 


5,400 - 
10,000 


5,400 - 
10,000 


150 300 


Final Due in 


mid-2004 


5,400 - 
10,000 
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Op 


Software 


DEFINITION 
Revenue optimization software auto- 
mates the process of calculating 
the prices businesses need to 
charge to maximize profits. It can 
adjust prices using an algorithm 
that factors in variables such as 
demand forecasts and inventory. 


BY MARC L. SONGINI 
UST ABOUT ALL any 
business is looking for 
is a way to maintain 
precisely the right 
amount of product in- 

ventory or resources to supply 

a service and to know the high- 

est possible price the market 

for its products or services 
will bear. That would mean no 
overstocks, no disappointed 
customers and no write-offs to 
explain to investors. 

And the price would 

always be right to 

maximize profits. 

Until someone 
comes up with a work- 
ing crystal ball, rev- 
enue optimization software 
may offer the best hope to 
companies looking to achieve 
those goals. 

This business intelligence 
software factors variables 
such as demand, the cost of 
a good or service, and the 
amount of revenue the compa- 
ny needs to be profitable. It 
then calculates the best sales 
price for a good or service. 
When key parameters change, 
the software is designed to re- 





vn 
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vise prices almost instantly. 

For example, if a travel com- 
pany selling space on a cruise 
ship knows from historical 
trends that February is a bad 
month for a particular trip, it 
can drop the price to a level 
most likely to close the deal 
with a given customer. 

At the same time, the com- 
pany’s price planners, using a 
revenue optimization system, 
can draw data from applica- 
tions that handle sales 
and marketing opera- 
tions, as well as from 
data repositories 
containing customer- 
related information, 
in order to make their 
calculations. 

The planners can also factor 
in other variables, such as the 
cost of the trip at this particu- 
lar time of the year based on 
fuel prices or the weather. 
They can even launch market- 
ing campaigns targeted at the 
audience most likely to re- 
spond to an offer. 

“Revenue optimization 
takes a finite good, factors in 
demand and comes out with a 
price,” explains Donald David- 


timization 


| off, vice president of pricing 


and revenue management at 
Archstone-Smith, an Engle- 
wood, Colo.-based national 
apartment owner-operator. 

Archstone-Smith uses an 
application from Manugistics 
Inc. in Rockville, Md., that 
forecasts the demand and sup- 
ply for its space to create the 
best pricing across a variety of 
leasing scenarios. 

The software, called Lease 
Revenue Optimizer, comes up 
with a number by factoring in 
what the competition is doing 
and Archstone’s own corpo- 
rate goals for profitability. The 
software also has rules that 
dictate how to respond to 
changes in competitors’ pric- 
ing, Davidoff says. 

The analytical capabilities in 
revenue management software 
can automatically identify and 
segment a company’s most 
profitable customers, explains 
Steven Pinchuck, corporate 
director of revenue manage- 
ment at Harrah’s Entertain- 
ment Inc. in Memphis. The 
company, which operates 
hotels and gaming establish- 
ments, also uses revenue 
management software from 
Manugistics (see diagram). 


Built-in Business Rules 
There can be considerable 
complexity built into the busi- 
ness rules embedded in the 
software. For instance, a com- 
pany in a retail environment 
may tweak the price different- 
ly for a special promotion, us- 
ing variables such as budget 
constraints and sales goals, 
says Ben Vinod, vice president 
of solution development at i2 
Technologies Inc. in Dallas. 
On the other hand, if for 
instance the product isn’t sell- 
ing, there may be an end-of- 





life price optimization, which 





factors in how much of a 
markdown will be available 
and how much stock is still in 
place. 

Once the software is up and 
running, configurations can be 
altered on the fly, depending 
on whatever priorities make 
the most sense, says Vinod. 
The applications can factor in 
key performance indicators 
for a particular industry. 

The software can also be 
programmed to recognize a 
particular sales region or a 
certain line of products that 
are underperforming and cal- 
culate the best pricing scheme 
to effect a turnaround. 

Profit may not even be the 
key factor — a company may 
be more interested in increas- 
ing its market presence and 
may be willing to mark down a 
product accordingly, he says. 

The software’s capabilities 
are still in their infancy outside 
of the supply chain planning 
applications field, says Gartner 
Inc. analyst Karen Peterson. 

The retail industry has 


| shown the biggest demand for 


the applications thus far, be- 


Atm Oe) 


-. 
. st x 


Manugistics 
er 
etn racls 
SN Eid 





Pete) y 


COMPUTERWORLD March 31, 2003 37 


; Cause companies have to fig- 


ure out the best way to price 


products and move them off 


shelves. The software has yet 
to be deployed with much suc- 
cess in other industries where 
there is some interest in rev- 
enue optimization, such as 
high tech. 

Revenue optimization soft- 
ware requires clean legacy 
data, says Davidoff. The legacy 
data often isn’t formatted to be 
recognizable by the software, 
so users must build a data inte- 
gration layer that can find and 
correct errors. 

And users can’t typically 
just install and use revenue 
optimization software out of 
the box, says Peterson. Rather, 
they can get a competitive ad- 


| vantage with it only by under- 


standing the specifics of their 
industry and their corporate 


| strategy and then modeling 


the software accordingly. B 


Are there technologies or issues you'd like 
to learn about in QuickStudy? Send your 
ideas to quickstudy@computerworld.com 


To find a complete archive of our 


| QuickStudies, go online to 


@ computerworid.com/quickstudies 


at Harrah's 
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Products. People. 
Problems solved. | 


From servers to service, Dell has the solution. 


Dell | Small and Medium Business 


Your business has unique needs. It deserves a unique solution. From PowerEdge servers featuring Intel® Xeon™ 
processors to PowerVault Storage and PowerConnect Switches, we offer tailored solutions to meet your business needs 
And of course it's Dell, so you know you're getting the latest technology. But that's only half of the story. Dell! offers 
consulting services that range from deployment and installation to training and certification. All from one source. And 
everything is backed by thousands of service and support people at your beck and call, on-site, online and on the phone 
Suddenly your IT infrastructure doesn’t seem so daunting. Let Dell's one-of-a-kind solutions put you on the path to 


one-of-a-kind success 
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Third Quarter 2002 
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Porn Policy Collars a 
Million-Dollar Customer 


The HR department bends some rules 
when offensive content comes in from the 
company’s largest client. By Vince Tuesday 


BRIEF ALTERCATION | 
this week with a staff 
salesperson gave mea 
new perspective on | 
how pornographic e-mail can 
affect our business. 
Like most companies with 
Internet access, we’ve had 
our share of employees who 
download inappropriate mate- | 
rial. To eliminate the excuse 


My company gives Compaq 
iPaq desktops to most employ- 
ees. The units are quiet, have a 
small footprint and work well, 
but they don’t have a great 
deal of expandability and 
aren’t designed to be upgrad- 
ed or modified. 

The next problem was that 
Malcolm’s machine didn’t 
have a floppy drive. I left 


that the porn came unsolicited, | him twiddling his thumbs and 


our most recent poli- 
cy is quite strict: Any- 
one who doesn’t re- S 
port even inadvertent 
access to inappropri- 
ate material will be 
held accountable 

Because of this pol- 
icy, the security staff has to 
field calls and e-mails about 
every offensive message. Still, 
I’m happy to accept those 
messages if it means that no- 
body can get away with down- 
loading pornography by 
claiming that it was a mistake. 
But then we heard from Mal- 
colm in sales, who reported 
receiving an inappropriate 
e-mail. 


Comedy of Errors 


I arrived at Malcolm's office 
with a set of floppy disks, 
ready to take a copy of the 
e-mail and its contents for in- 
vestigation. This was the first 
time I’d done an investigation 
with the sales team, and I 
wanted to make a good im- 
pression, since we want them 
to stress to our customers how 
secure our company is. 

My plan was simple: Copy 
the e-mail and message head- 
ers, delete the original to stop 
the content from spreading 
further and investigate the 
source. Case closed. 

But it didn’t exactly go well. 
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returned 10 minutes 
later with a remov- 
able drive. Then I 
discovered that 
iPags come with a 
locked assembly to 
stop users from re- 
moving the blank 


| plate in order to insert a flop- 


py drive. So I left again. An- 
other 10 minutes later, I re- 


| turned, this time with a key 


and the drive. At this point, I 


| was slightly flushed and a lit- 
| tle embarrassed. 


I installed the drive without 


| a problem and was getting 
ready to copy the e-mail when 
| Malcolm asked what I was do- 


ing. When I started to explain 
the plan, he suddenly pan- 


| icked. “Whoa,” he screamed, 


as he tried to grab the floppy 


| disk out of my hand. 


It was adult content 
that was unlikely to be 
illegal but was cer- 
tainly in breach of our 
policy - and no doubt 
in breach of our 
customer's policy. 





Apparently the porno- 
graphic e-mail he received 
came from the key contact at 
our largest customer. Mal- 
colm was terrified that any 
kind of formal complaint 
would alienate his contact. 
Our company might then lose 
the account, and there would 
be hell to pay. 

I gave him our normal plati- 
tudes that the course of action 
is up to the human resources 
and legal departments and 
that we just carry out the in- 
vestigations. However, I also 
knew that those departments 
tend to follow my team’s ad- 
vice because of our experi- 
ence in these matters. 

I returned to our lab and re- 


| viewed the material. It was 


adult content that was unlikely 
to be illegal but was certainly 
in breach of our policy — and 
no doubt in breach of our cus- 
tomer’s policy. 


Moral Dilemma 

Did I want to stand firm and 
help stamp out this kind of be- 
havior, even if my company 
might lose its largest cus- 
tomer and millions of dollars 


| in revenue? Or should I rec- 


ommend that our company 
just ask Malcolm to drop a po- 
lite note to his contact saying 
he'd rather not receive any- 
thing like that and let the mat- 
ter drop? 

I must confess that I took 
the easy route and recom- 
mended to human resources 
that we let the matter drop as 
long as Malcolm told the 
sender informally that he 
should stop sending such stuff 
— and that we would be 


forced to take a formal ap- 


proach next time. 

It would be much better if 
we could find a way to stop 
this kind of content from get- 
ting into our company in the 
first place. I’ve always been a 
little wary of content inspec- 





tion products, particularly 
those that look for embedded 
images, because in my experi- 
ence, they just don’t work. 
Still, if we could catch even 
half the porn being sent in, we 
could block or warn off the 
top senders. 


False Alarms 

The reason these products 
don’t work isn’t because they 
can’t identify pornographic 
images but because they tend 
to have a high false-alarm 
rate. Pictures of babies, the 
Mona Lisa and just random 
landscapes and business logos 
can be misidentified as 
pornography. 

I did find one company 
making bold claims in this 
area. I didn’t believe them, but 
it was willing to provide an 


| evaluation copy of its soft- 


ware. The company did, how- 
ever, warn me about the one 
area that the software has 
problems with: Pictures of ele- 
phants are known to cause 
false alarms. Apparently, the 
combination of two large 
round ears and a long trunk 
raises the red flag. 

With this tool, we should be 


| able to successfully block of- 


fensive content — so long as 
that customer doesn’t send 
Malcolm any photos of safari 
trips. I'll report back on how 
well the product works in a 
future column. In the mean- 
time, if you know of any 
good ways to protect staff 
from e-mail with offensive 
content, drop me a line with 
your suggestions. D 


WHAT DO YOU THINK? 


This week's journal is written by a real 
security manager, “Vince Tuesday,” whose 
name and employer have been disguised 
for obvious reasons. Contact him at vince. 
tuesday@hushmail.com, or join the dis- 
cussion in our forum: QuickLink a1590 
To find a complete archive of our 

Security Manager's Journals, go online to 
@ computerworld.com/secjournal 





SECURITY LOG 


Worse Than a Bad Cup of Cof- 
fee,” you'll find that the book is 
full of information that’s other- 


duced software upgrades that 
boost the speed of and allow 
more concurrent users on 
some of its low-end Pix firewall 
appliances. The upgrades in- 
crease the performance of the 
Pix 501 and 506E fivefold and 
add support for the Advanced 
Encryption Standard. 

Cisco also announced 
new midrange models, the Pix 
515E and 525. The 515E-6FE 
costs $7,500, and a pair of de- 
vices that back up each other 
costs $11,000. A single 525- 
2GE costs $14,000, and are- 
dundant pair costs $20,000. 





Find confidence in the midst of chaos. 


Focus on the best in network security, every step of the way. 


Start with a secure foundation. 
Our operating system, IPSO, is built from the ground up for sec 


many vulnerabilities common to general-purpose servers, and also in 


our patented IP Clustering technolo 


linked as one, on the fly, for new 


Integrate the best in network security expertise. 
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help us deliver the full capabilities 

Internet traffic management applic 
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URoam Upgrades 


SSL VPN Appliance | 


URoam Corp. in Sunnyvale, Calif., 


announced last week that it’s 
shipping a revision of its Secure 
Sockets Layer (SSL) virtual 
private network (VPN) appliance, 
the FirePass 1000/4000 server. 
Version 3.5 offers greater securi- 
ty and control for IT managers, 
according to uRoam. It also offers 
policy-based access for users, 
giving them e-mail and file access 
from cell phones, as well as 
e-mail, intranet and file access 


from kiosks. No preinstalled client | 


software is required. Pricing 
starts at $11,000 for a license 
serving 100 concurrent users. 


Vendor Announces 
PlanView v7.3 


PlanView Inc. has announced 
Version 7.3 of its PlanView 
Portfolio Management program. 
The Austin, Texas-based IT port- 
folio, resource and project man- 
agement tool vendor said the new 
version includes tools to rank 
potential IT investments. Plan- 
View 7.3 also includes portals for 
viewing IT investments, tracking 
IT asset performance and manag- 
ing IT project resources. Other 
features include a Web-based 
time and expense module and 
full-text search capability. Pricing 
for Version 7.3, which ships in 
June, starts at $50,000. 


E.piphany Ships 
Two CRM Products 





San Mateo, Calif.-based cus- 
tomer relationship management 


(CRM) software maker E.piptiany | 


inc. last week announced that it 
is shipping two new products to 
help companies in the telecom- 
munications and finance markets 
increase sales volume. inter- 
action Advisor for Telecommuni- 
cations and Interaction Advisor 
for Retail Finance take historical 
data to help upsell and cross-sell 
to customers who contact a 
company by phone or e-mail, 
according to E.piphany. Pricing 
starts at $100,000. 
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Scope Creep and 
Exchange Server 2003 


HEN I WAS IN SCHOOL, I was al- 
ways working on my car. I had it fig- 
ured that I’d save a bundle by modi- 
fying it myself. But inevitably, I’d 
would fail to estimate the scope of 


the project, and I'd spend 
ridiculous amounts of time 
throwing good money after 
bad. That upgrade to a 
four-barrel carburetor 
didn’t fit unless I changed 
out a few hoses and feed 
lines. Then I needed a big- 
ger fuel pump to keep the 
supply lines humming. In 
the end, I decided that the 
carburetor wasn’t going to 
work as advertised unless I 
had the right motor under- 
neath it. Upgrading IT in- 
frastructure is a lot like that, especially | 
when it comes to Microsoft’s products. 

Exchange Server 2003, the upcom- 
ing release of Microsoft’s e-mail server 
software, is a classic example. Micro- 
soft does a very good job of integrat- 
ing its products and creating interde- 
pendent feature sets that it hopes will 
push IT into lock-step upgrades of its 
desktop, server and application soft- 
ware. And to exploit the most com- 
pelling features of Exchange 2003, 
you'll need to do exactly that. 

E-mail administrators who already 
got their fingernails dirty migrating 





from Exchange 5.5 to 2000 can identify 
with these sentiments. Exchange 2000 
was the first version to use Windows 
2000 Server’s Active Directorv as its 
repository for user information, a re- 
quirement that has led many compa- 
nies into major server infrastructure 
upgrades. But Exchange 2000 also de- 
livered real benefits to administrators, 
enabling faster backbone communica- 
tions, more granular administrative 
controls for delegating tasks, im- 
proved reliability and server consoli- 


dation through support for 
four-way servers, active- 
active clustering and mul- 
tiple message databases 
per server. 

If Exchange 2000 was 
about the back end, Ex- 
change 2003 is very much 
user-focused. New features 
include greatly improved 
performance between Out- 
look and Exchange over 
slow links, support for SSL 
session encryption and 
changes to the Outlook 

Web Access user interface to make it 
look like the standard Outlook 2003 
client. Exchange 2003 also supports 
snapshot-backup technology that 
could reverse the trend toward creat- 
ing multiple, smaller message data- 
bases in order to meet backup and 
restore-time commitments. 

Exchange 5.5 users considering a mi- 
gration to Exchange 2003 face all the 
same challenges Exchange 2000 users 
faced, and then some. But for those al- 
ready on Exchange 2000, going to Ex- 
change 2003 might look like a Sunday 
drive. It requires upgrading to Win- 
dows Server 2003, but the Exchange 


| server upgrade shouldn’t require the 


major revamping of hardware and 
server configurations that 2000 did. 
But what about those performance 
improvements over slow links? Users 
at remote sites will benefit. And heck, 
you might even be able to consolidate 


| by removing servers no longer needed | 
| at remote sites. But you won’t see 


these benefits from Exchange 2003 un- 
less you also upgrade to Outlook 2003, 
which ships with Office 2003 later this 


year. The latter won’t work with any- 
thing older than Windows 2000 with 
Service Pack 3. And you'll probably 
need at least 245MB of disk space and 
256MB of RAM per machine. Are you 
ready to go down that road? 

Then there’s Windows Server 2003. 
You could just slide it under your Ex- 
change 2003 servers and be done with 
it. But unless you upgrade the entire 
Active Directory infrastructure, you 
probably won’t be able to use en- 
hancements such as the ability to sup- 
port more than 5,000 users in a group 
or to rebuild branch office servers 
from a CD instead of resynchronizing 
them over the network. 

Add to that the fact that we’re talk- 
ing about new technology here. Win- 
dows Server 2003 won’t ship until 
April 24. And Office 2003 and Ex- 
change Server 2003 aren’t expected to 
ship until midyear at the earliest. Even 
if Microsoft releases these products on 
schedule (and how often does that 
happen?), you could be looking at mid- 
2004 or later for service pack updates. 

All this is not to say that Exchange 
2003 doesn’t have many features to 
recommend it. But for the 20% or so of 
Exchange users that Gartner says have 
already migrated to Exchange 2000, 
there’s no reason to rush to 2003 un- 
less a new feature is critical — and 
worth the risk and expense of related 
upgrades. The 10% who haven’t started 
migrating yet probably should go with 
Exchange 2000 now rather than wait 
for Exchange 2003 to shake itself out, 
| since support for NT 4, which under- 
lies Exchange 5.5, expires Dec. 31. For 
evervone else alreadv working through 
Exchange 2000 migrations, slapping a 
new engine in the IT chassis probably 
doesn’t make a lot of sense right now. 
That 1s, unless you're the type who 
enjoys working on cars. ...D 
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Snake Pit or Gold Mine? 


Times are tough, and most IT 
execs love a challenge, but not 
every CIO job is worth accepting. 
IT professionals like Atefeh Riazi 
(left) offer tips on how to analyze 


a job offer. Page 48 


Premium Protection 

A small but growing number 
of organizations are taking 
steps to buy insurance as 
protection against cyber- 
attacks and data theft. 

Page 50 


Sealing the Deal and 

Collecting Their Due 

Sales forces are gaining access to 
tracking and reporting data through 
information-sharing software, which 
helps ensure that they collect accurate 
commissions. Page 52 





Automating the 
process of tele- 
marketing compli- 
ance can keep the 
phones ringing. 


By Mary Brandel 


@eeeeeeeeoeoeosneeee 800280 
N THE PAST 18 MONTHS, the 
U.S. retail motto has gone 
from “buyer beware” to “sell- 
er beware” when it comes to 
marketing goods and ser- 
vices over the phone. 
Thanks to a flood of state- 
based do-not-call laws, com- 
panies in industries ranging from insur- 
ance, hospitality and travel to real es- 
tate, finance and telemarketing need to 
pay attention to whose number they’re 
dialing — or face first-time offender 
fines ranging from $100 in Wisconsin to 
$25,000 in Indiana. 

That’s the price they stand to pay for 
calling consumers who are registered 
on any of the do-not-call lists that 
more than half of the states now main- 
tain. States are becoming more aggres- 
sive about encouraging people to re- 
port violators, and they’re collecting 
fines from the offenders and publiciz- 
ing their names. And fearing that nega- 
tive publicity could cut into the hun- 
dreds of billions in revenue they make 
from telephone solicitations, compa- 
nies are scrambling to perfect their 
databases and dialing systems. 

Do-not-call laws aren’t new. Florida 
enacted the first such law in 1990. 
Since then, companies have been pur- 
chasing lists, which can cost up to 
$800 annually, and [T departments 
have been merging their companies’ 
lead databases with these lists, purging 
numbers that shouldn’t be called. 

Database administrators also have to 
integrate their companies’ internal do- 
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. 
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not-call lists, which are required by the 
Federal Trade Commission, with their 
customer lists, which could be in sev- 
eral separate databases across the 
company. In one exemption from do- 
not-call laws, companies can call their 
own customers, even if those cus- 
tomers are on a state do-not-call list. 
Unfortunately, the way most compa- 
nies find out that their in-house list- 
scrubbing is imperfect is by commit- 
ting a violation. In the past couple of 


years, even large companies like Chase | 


Manhattan Bank, Wells Fargo Bank, 
Discover Financial Services and Mar- 
riott Ownership Resorts Inc. have 
faced fines. As a result, companies are 
turning to outside service providers 
for list-scrubbing services, and they’re 
implementing systems that automati- 
cally block noncompliant calls. 


Future Call 


“There might be a few companies out 
there that think they can handle this 
in-house, but I don’t think it’s possible, 
unless they have a staff dedicated day- 
in and day-out to doing the research, 
pulling down the information, verify- 
ing it, scrubbing their internal lists and 








FEELING THE HEAT 





ASP-BASED 
LIST-SCRUBBING 


Strengths: 

w The turnaround time 
is fast. 

w It's inexpensive. 

w IT departments can 
retain some control 
over the process. 

Weaknesses: 

@ The resulting list is only 
as good as the ASP that 
does the scrubbing. 

w It's still asomewhat 


manual process, leaving 
room for error. 
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NETWORK-BASED 
BEES EC a alt) 


Strengths: 

= Do-not-call lists are up- 
dated in real time, leav- 
ing no room for error. 


@ Blocks calls placed dur- 
ing restricted hours. 


= Consumers who ask to 
be on do-not-call list are 
immediately blocked 
across the enterprise. 

Weaknesses: 

ws Agents need to dial an 
access code before 
making a phone call. 

w The cost is calculated 
on a per-call basis, so 
the service can get 
expensive. 


ey Nita ice sl ted 
SYSTEM (TELEBLOCK) 


Strengths: 

aw Agents can dial as if 
they're making a normal 
phone call. 


@ Do-not-call lists are up- 
dated in real time, leav- 
ing no room for error. 

Weaknesses: 

w Currently, customers 
have to sign up with a 
relatively unknown long- 
distance carrier. 

gw It's still unclear how 
long-distance providers 
are going to charge for 
the service in the future. 

w Doesn't block calls 
during curfew times. 


checking it again,” says B.J. Neider, 
manager of data transmissions and re- 
sponse modeling in the IT department 
at FutureCall LLC, a telemarketing out- 
sourcer in Colorado Springs. 

Neider says achieving perfect com- 
pliance required “too much time and 
money to tackle with the resources we 
had.” He estimates that it took four IT 
employees 10 hours each per week to 
subscribe to the new state lists as they 
came out, keep up with which states 
had new laws and bring the lists in- 
house, convert them to a workable for- 
mat and scrub them against all the 
contact databases maintained in the 
call center. Even with all that due dili- 
gence, FutureCall was once fined 
$75,000 in New York. 

Neider signed on 14 months ago with 
PossibleNow.com Inc., an application 
service provider in Duluth, Ga., that 
offers DNCSolution, a Web-based list- 
scrubbing application that sends an 
e-mail when any state list has been 
updated. Upon receipt of the e-mail, a 
FutureCall employee pulls the contact 
database from the automated dialers in 
the call centers and sends them to Pos- 
sibleNow, which returns the database 
with flags next to numbers that must be 
suppressed. The employee then sends 
the updated databases back to the call 
centers, all within a matter of hours. 

For example, Neider says, “If Indi- 
ana’s (do-not-call list] was just updated 
and goes into effect tonight, we can log 
on, go to our client folder, have the sys- 
tem scrub the leads, get a return file and 
have it in place the next morning be- 
fore dialing begins,” Neider says. Speed 
is important, he says: “Every hour I 
spend not dialing is revenue lost.” 

FutureCall still needs to subscribe and 





pay for the state lists, but it no longer 
has to be proactive about the updates. 
With this service, Neider figures he 
can scrub 18 million records per month 
at a cost of $36,000 annually. “If I have 
two violations in Indiana, there’s my 
$35,000 right there,” he says. “The 
money we paid out for fines exceeded 
our yearly cost with PossibleNow.” 


Bankers Life 


Other companies find that even that 
process is too manual. One is Bankers 
Life and Casualty Co., which uses 
phone marketing to sell some of its 
insurance products. 

“There are do-not-call lists from 30- 
plus states at this point, and they all 
come in different formats, with different 
update frequencies, some via the Inter- 
net, some on floppies. So first you have 


to aggregate all the lists and then deploy | 


them somehow [to your various loca- 
tions], whether manually or via a cen- 
tralized database. That allows people 
to query it before making a call,” says 
Michael Snavely, a marketing executive 
at Chicago-based Bankers Life. “It’s an 
incredible investment of money.” 

Bankers Life chose a service from 
Norwood, Mass.-based Gryphon Net- 
works Corp., which claims to block 
noncompliant calls in two ways: One is 
via a network-based service, for which 
companies pay a per-call fee. The sec- 
ond is with a system the marketer im- 
plements itself and hooks into its auto- 
mated dialers. The latter system is of- 
ten used by large telemarketing out- 
sourcing companies. 

Bankers Life uses Gryphon’s net- 
work-based system. Any call originated 
by a Bankers Life agent gets routed by 
a local or long-distance carrier through 


| a Gryphon database that contains rele- 





vant state do-not-call lists, updated in 
real time, as well as Bankers Life’s in- 
ternal do-not-call list. If the number 
matches one in the database, the sales 
agent hears a message saying it’s a re- 
stricted number and the call never goes 
through. A call will also be blocked if 
the agent is calling at a time that’s off- 
limits in the state being called — say, 
before 9 a.m. in Connecticut. 

Furthermore, if consumers ask to be 
added to Bankers Life’s internal list or 
say they are on a state do-not-call list, the 
agent can simply press the pound key 
to record the name and number in a 
Gryphon database, blocking access to it 
in every Bankers Life branch. 

“You don’t have to buy any equip- 
ment of any kind,” says Keith Fotta, 
president of Gryphon. “You access the 
service via a network access number 
and put in your code, which locks you 
in for the whole session.” 

Snavely estimates that he spends 
about $100,000 a year to buy the state 
lists, and about the same for Gryphon’s 
annual subscription fee, which is based 
on the number of calls the company 
makes or the number of sales agents 
making calls. Without the system, he 
figures, he would easily pay $100,000 
per year in fines. “And if you’re a mul- 
tiple offender, the state can theoretical- 
ly eliminate your ability to conduct 
telemarketing in that state,” he says. 


A Matter of Survival 


The bottom line is that compliance 
with do-not-call laws is becoming a mat- 
ter of survival for companies that reap 
big revenues through phone-based so- 
licitations. Automating the compliance 
process may take some control out of 
IT’s hands, but technology managers 
can play a huge role in helping their le- 
gal and marketing departments under- 
stand the various technology choices. 
IT will also need to remain involved 
at the implementation level, particularly 
at companies where customer lists and 
contact databases are scattered in dif- 
ferent formats and on different systems. 
“Based on the list of violators I see on 
a regular basis [as they are published by 
the states], I get a strong sense that our 
competitors and peers within insurance 
and in different industries are doing a 
lousy job of this and are getting hit again 
and again and again,” Snavely says. 
Reputations are at stake, not just those 
of telemarketers but of anyone who 
engages in phone-based marketing. D 





Brandel is a freelance writer in Newton, 
Mass. You can contact her at 
brandels@attbi.com. 
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CARRIERS 
OFFERING 
SERVICES 


Another network-based option 
is TeleBlock from Call Compli- 
ance Inc. in Glen Cove, N.Y. 
TeleBlock automatically 
screens and blocks calls to 
people on state, in-house and 
third-party do-not-call lists 
within the network of a partici- 
pating telephone company. 

A company in need of tele- 
marketing services signs up 
for TeleBlock through its long- 
distance carrier, where the 
system is installed. 

One drawback is that Tele- 
block is offered by only three 
small long-distance carriers - 
eMeritus Communications Inc., 
Covista Communications Inc. 
and Illuminet, now owned by 
VeriSign Inc. But through an 
agreement that VeriSign and 
Call Compliance reached last 
year, TeleBlock is now avail- 
able to all telecommunications 
carriers nationally. 

Robert Brous, president of 
HD Brous & Co., a Wall Street 
investment firm with 200 em- 
ployees, says it “wasn't realis- 
tic” for the company to require 
brokers to constantly check 
against state do-not-call lists 
before making a call. He con- 
tracted with eMeritus for long- 
distance service when Tele- 
Block first became available 
three and a half years ago. “It 
basically took any questions 
away of compliance head- 
aches,” Brous says. 

Brous says he also looked 
into building his own database 
and attaching it to the phone 
system, but that wouldn't have 
worked with his company's 
multiple locations. List-scrub- 
bing doesn’t address the prob- 
lem because it doesn’t work in 
real time, he says, “plus, you're 
relying on how well the com- 
pany does the scrubbing.” 

~ Mary Brande! 
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>The most reliable servers are the 
ones you don’t have to think about. 
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oniake Pit or 
Gold Mine? 


Hereare 10 ways 
toanalyzeaClO 
job offer. By Al 
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THE MARKET FOR CIOs isn’t what it 
used to be. “Times are poor, and the 
market is kind of soft,” notes Rick 
Schoenhals, senior director for IT for 
the National Football League’s Denver 
Broncos. The temptation is great to 
jump at any decent-sounding offer. 
Stop. Not every job offer thrown your 
way should be caught. How can a CIO 
know which offers are worth serious 
consideration and which should be 
given a pass? Here are 10 points to con- 
sider when analyzing an offer: 





Is the organization financially 
sound? Unless you're a turn- 
around specialist, beware of a 
troubled company. It will likely 
promise more than it can deliver. 
“The biggest red flag is the financial 
condition of the company,” advises 
M. Victor Janulaitis, CEO of Janco 
Associates Inc., an IT consulting firm 
in Park City, Utah. 


Starting compensation matters. 
Beware if the financial package 
offered is filled with promises for | 
the future. “I'd really look for 
them to want me as much as I want to 
work for them. They need to step up 
with an offer that shows an interest in 
you,” recommends Schoenhals. 


Pay attention to the personal 
chemistry, especially between 
you and the person to whom 
you'll report. “Can you work with 


should | Stay or Should | Go? 


ClOs and the heads of IT have held their titles for an average of four years and eight months, accord- 
ing toa 2002 C/O magazine study titled “The State of the ClO.” Here's a closer look at their tenure: 


How long did you 
stay at your last job? 


How long do you expect to 
stay at your current job? 


and 10 years 


More than 
10 years 
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each other; do you have common goals 
and a common point of view?” asks 
Atefeh Riazi, CIO and senior partner at 
New York advertising agency Ogilvy & 
Mather Worldwide. No hard and fast 
rules exist for gauging personal chem- 
istry. Trust your intuition, says Riazi, 
who adds, “The brain decides if the 
money is right, but then there is more 
— and that more is your gut.” 


How important is IT to the com- 

pany’s top management? If 

you'll be reporting to the CEO, IT 

is probably viewed as important. 
What’s the chief financial! officer’s atti- 
tude toward IT? Ask the CFO for his 
vision for IT within the company. If 
the answer is long and detailed, that’s 
good; if it’s short or vague, watch out. 
Look at the organization’s metrics to 
get an understanding of how IT is 
viewed and measured. Jo Haraf, CIO at 
San Francisco-based law firm Morri- 
son & Foerster LLP, says that in law 
firms, a good ratio of IT staff to overall 
staff is 1-to-20 or 1-25. If the firm you're 
considering has a 1-10 or 1-50 ratio, it 
would indicate a very strong or very 
weak commitment to IT. 


How will your performance be 
measured? Ask the person who 
will be your boss, “How will you 
know if I’m doing a good job or 
not?” You want to know the criteria by 
which you'll be judged, says Gerry Mc- 
Cartney, CIO at University of Pennsyl- 
vania’s Wharton School in Philadel- 
phia. You want a prospective boss who 
can articulate these standards in some 


| detail. “You don’t want the job if they 


can’t tell if you’re successful or not,” 
says McCartney. 


Know the state of drivers behind 

your potential success. Tim 

Buckley, CIO at mutual-fund 

company The Vanguard Group 
Inc. in Malvern, Pa., says for a CIO to 
be successful, he needs drivers such as 
good people to work with, a business 
side that views IT as a partner and a 
company committed to professional 
development for IT staff. 

Understand management and its ex- 
pectations. Katherine Spencer Lee, ex- 
ecutive director at IT placement firm 
RHI Consulting Inc. in Menlo Park, 
Calif., says you should ask yourself the 
following questions: How experienced 
is the management team you're going 
to be a part of? Does it have a history 
of stability? What are the goals of that 
management team, and are they smart 
goals? Have the goals been quantified, 
and are they realistic? And, of course, 
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decides if the money is right, but then there 
is more - and that more is your gut.” 


could you realistically deliver what 
they’re looking for? 

Can you answer all of these ques- 
tions positively regarding the company 
you're considering? If not, you may 
never be successful, no matter how 
good you are. 


How does the job situation fit 

your interests? “Can you have 

passion for the industry and the 

company?” asks Buckley. “If you 
don’t groove on the company, you'll 
never click.” 

Lee makes the point that you should 
wake up each day wanting to go to 
work. If the company seems unlikely to 
generate that kind of passion in you, 
look elsewhere. 


Does the full scope of your re- 

sponsibilities sound interesting? 

This refers to not only the re- 

sponsibilities of IT, but also to the 
scope of the problems the company 
faces, what you will be asked to do and 
how IT and the business side work to- 
gether, says Lars Rabbe, former CIO at 
Redback Networks Inc. and now an ex- 
ecutive in residence at Clearstone Ven- 
ture Partners in Menlo Park. 


Be wary if a company in a major 
metropolitan area is willing to 
relocate you. “Why are they 
spending a lot of money to relo- 
cate you? Why didn’t locals take the 
?” asks Janulaitis. 


position? 
Realistically consider the 
demands of the job. Do you 
want to live your job or live 
your life? If the company’s IT 
department is troubled, you may have 
to put in more time on the job than you 
want. “People are looking for a job that 
allows them to have a life,” says Riazi 
of Ogilvy & Mather. B 





Horowitz is a freelance business and 
technology writer in Salt Lake City. 


| Contact him at alan@ahorowitz.com. 
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PREMIUM 
PROTECTION 


Security breaches. Viruses. Should you 
amend your IT insurance plan to cover 
such risks? By Thomas Hoffman 


SMALL BUT GROWING number of compa- 
nies are looking to buy insurance that 
would provide financial relief in the 
event of a data security breach caused 
by cyberattack or digital terrorism. 

Let’s say a hacker broke into your company’s net- 
works and accessed reams of sensitive customer ac- 
count data. Would your company be covered under 
its general liability insurance? Probably not. 

Three or four years ago, there were a lot more gray 
areas as to whether information security was cov- 
ered under general corporate liability policies, says 
Emily Freeman, a security consultant at AIG eBusi- 
ness Risk Solutions in San Francisco, an American 
International Group Inc. (AIG) division. 

Computer and data security “wasn’t affirmatively 
covered, but it wasn’t excluded either. But now, the 
drift is for exclusion,” says Freeman. As a result, fi- 
nancial services companies, retailers, hotels, travel- 
related businesses and technology companies are 
showing strong interest in data security insurance. 

Commercial insurers such as AIG, Zurich North 
America Insurance Co. and The Chubb Corp. are re- 
sponding with customized cybersecurity policies 
based on individual companies’ exposure to risk. 


Better Policies 


Initial security policies that were available a few years 
ago “had high fees, and they weren’t selling well,” 
says Scott Charney, chief security strategist at Micro- 
soft Corp. But over the past few years, he says, insur- 
ers “have become more savvy in crafting e-policies,” 
even though the amount of business they’re booking 
“js still relatively small,” he adds. AIG has 2,000 net- 
work security insurance customers and roughly 70% 
of the global market, Freeman claims. 

But IT and business managers should be aware that 
potentially crippling worms and viruses like the re- 
cent Slammer virus typically aren’t covered under 
these newer data security insurance policies. 

Why not? Consider the following analogy: Compa- 
nies can buy fire insurance for 20 buildings in one 
city because the chance of a fire sweeping through 
all of the facilities at the same time is pretty remote, 
says Alan Paller, director of the SANS Institute in 





Bethesda, Md., a research organization for security 
managers and systems administrators. “But the rules 
for viruses are completely different — they can affect 
everyone,” he says. Therefore, insurers typically ei- 
ther won't provide general liability coverage against 
worms and viruses or will offer only extremely limit- 
ed property coverage, says Freeman. 

Outside of the financial services industry, where 
electronic transactions with customers are an inte- 
gral business component and high levels of security 
are critical, few CIOs and chief security officers are 
aware of the need for cybersecurity insurance, and 
senior managers rarely seek their advice when they 
are considering the company’s insurance needs. “We 
haven't done any work on this yet, but there’s a slow 
groundswell among some companies to begin taking 
actions on these issues,” says RA Vernon, vice presi- 
dent and CIO at Reuters America Inc., which pro- 
vides information to Wall Street brokerages and the 
financial services industry. 

Before obtaining cybersecurity insurance, compa- 


TOTAL LOSSES 


44% of respondents were will- j 
ing and/or able to quantify their 
financial losses 


TOTAL LOSSES 
5.1% attributed losses to theft , 
of proprietary information 


4.9% attributed losses to : 
financial fraud 
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nies should have a third party conduct a network se- 
curity risk assessment to demonstrate compliance to 
insurers. [See “How to Do an IT Security Audit,” 
QuickLink 35761.] The process includes following se- 
curity compliance steps that are mapped out by the 
ISO 17799 standard, a set of controls that detail best 
practices in information security. 

While the ISO standard is widely used, critics say 
it’s too high-level and specifies security practices 
that are common sense. An example, says Paller: 
“Make sure your systems are safe.” A revamped ver- 
sion of the standard is being written to address some 
of these shortcomings. “Like any tech-related field, 
[ISO 17799] is moving in a million different direc- 
tions at a crazy pace,” says Chris Mullins, director of 
policy and compliance products at Bindview Corp., a 
security software vendor in Houston. 


Evaluation Guidelines 

Mullins advises IT managers to follow the guidelines 
offered by the National Security Agency and the Na- 
tional Institute of Standards and Technology to eval- 
uate their security compliance. These guidelines are 
also used by some companies to demonstrate their 
security readiness to would-be insurers, he says. 

Insurance companies also look at other factors, 
such as the frequency of internal security audits, the 
transfer of internal auditors among business units 
and the clauses in contracts between companies and 
their customers and business partners that stipulate 
the security compliance obligations necessary to re- 
ceive online access to data. 

They also consider human resources policies, says 
Tracey Vispoli, a manager at Chubb, in Warren, N_J. 
These include examinations of how employees are 
trained on IT security practices, how often pass- 
words are changed on laptops and whether organiza- 
tions conduct criminal background checks of job ap- 
plicants. “We're not so much concerned with the 
products [customers] are using to mitigate attacks as 
we are with the [employee and access] controls and 
policies they’ve put in place,” she says. 

Insurers also tend to consider how vulnerable a 
particular industry is to attack. For example, if a 
$15 million office supplies retailer with a limited on- 
line presence wanted to buy insurance, AIG’s Free- 
man says she first would have it conduct a security 
self-assessment using AIG’s Web-based auditing tool. 
But if the client was a bank, AIG would probably 
require a third-party audit or perform an audit itself, 
she says. “It depends on the amount of exposures 
they have and the amount and type of insurance they 
want,” Freeman says. 

For its part, Bindview held a Web-based seminar in 
association with SANS in late February on the legal 
liability for security breaches. “We’ve done enough 
of these to anticipate audience attendance, and we 
had four times the number of people [4,000 total] 
register for this event than we normally have,” says 
Mullins. “We’re definitely seeing a lot more interest 
in this space.” D 


THE MISSING CSO 


When companies look to buy cybersecurity insurance, CIOs, CSOs and 
other IT executives are typically absent from the discussions: 
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IT helps salespeople at the frontlines 
and on payday. By Julia King 


ALL IT A CLASSIC CASE of 

silo syndrome. Every 

month, corporate market- 

ing departments spend 

hundreds of hours and 
tens of thousands of dollars conduct- 
ing research, preparing reports and 
developing promotional materials 
designed to help their companies’ 
salespeople sell more products and 
services. The problem is that salespeo- 
ple often have no easy way to access 
the gold mine of information. 

“Like a lot of companies, Kodak was 
good at collecting data but not very 
good at sharing and updating that 
data,” says James Sanford, senior man- | 
ager of sales communication and strat- 
egy development at Eastman Kodak 
Co.’s consumer imaging unit in Atlanta. 
The upshot was that a lot of scattered 
but valuable marketing information 
and other intellectual 
property, such as details 
about customer prefer- 
ences and orders, was 
going untapped by the 
Rochester, N.Y.-based com- 
pany’s sales force. 

That’s the business chal- 
lenge Eloquent Inc. is ad- 
dressing with its Launch- 

Force content production 
and navigation software, ‘ 


| 





which enables Kodak, 
Hewlett-Packard Co. and 
several other big compa- 
nies to deliver a full range 
of product information — 
including text, synchro- 


Our sales 
reps had 
no confidence 
in our ability 
to produce 
accurate sales 


sales organizations. Earlier this month, 
San Mateo, Calif.-based Eloquent 
merged with Open Text Corp., a knowl- 
edge management and collaboration 
software vendor in Waterloo, Ontario. 

The vendor bills the software as a 
“sales readiness tool” that can give sales- 
people instant access to information 
about new products, pricing and special 
promotions, all of which can be critical 
to sealing a deal and boosting sales. 

In August, Kodak deployed Elo- 
quent’s software as a means of estab- 
lishing a central Web-based repository 
for all product information and collat- 
eral marketing materials. 

The results so far have been “very 
positive,” Sanford says. But, he adds, 

“J don’t think you can say it increases 
sales. What it has really done is allow 
people to get more done and spend 
more face time with customers as op- 
posed to calling around for 
information on the phone.” 

At HP’s Nonstop Enter- 
prise Division in Cuper- 
tino, Calif., program man- 
ager Tom Hill says the 
Eloquent system has deliv- 
ered a tenfold return on 
investment since its de- 
ployment in November 
2001. One of the system’s 
biggest tests came with the 
merger of HP and Compaq 
Computer Corp., when the 
newly combined company 
needed to get hundreds of 
salespeople up to speed 
very quickly on an ex- 


nized video, graphics, au- 


dio and search capabilities 


— to globally dispersed 


reports. 


DAN ELDRIDGE, 
Amersham Biosciences 


panded product line. 
“The business problem 
was real simple. Before 





the merger was final- 
ized on May 7, we 
couldn't do any [prod- 
uct] training of sales- 
people prior to that 
date,” Hill explains. 

“We also didn’t have 
travel money to spend.” 

Instead, all of the 
Compag product infor- 
mation, complete with 
technical manuals, 
graphics, video and 
audio, was loaded into 
the Eloquent system 
running on a Compaq/ 
HP server, which was 
then accessible simul- 
taneously via the Web 
to HP’s salespeople 
around the globe. 

Hill says HP is in the 
process of “closing the 
loop on sales readi- 
ness” by tapping the Eloquent soft- 
ware’s capability to track and report on 
how frequently people actually use the 
system and to measure what they learn 
from it. For example, Hill says he can 
provide a sales manager in California 
with information on how a sales and 
support engineer in El Salvador per- 
forms on an online test about a partic- 
ular product. “We're finally taking 
learning content and integrating it 
with sales,” Hill says. “When we have 
additional product lines and salespeo- 
ple, it will probably add up to a ten- to 
twentyfold ROI on the system.” 

At $1 billion Amersham Biosciences 
Corp., the business issue wasn’t getting 
information to salespeople, but rather 
paying them accurately for what they 
had already sold, says Dan Eldridge, 
manager of business operations at the 
Piscataway, N.J.-based company. Again, 
information silos — in the form of 
dozens of Microsoft Excel spread- 
sheets with data downloaded from Or- 
acle Corp. databases — were to blame. 

“We were managing incentive com- 
pensation for 150 to 160 employees via 
Excel spreadsheets, which was a very 
manual process, very labor-intensive 
and fraught with error,” Eldridge says. 
“Our sales reps had no confidence in 
our ability to produce accurate sales 
reports and accurate incentive [pay- 
ments]. The financial quarter would 
end, and we’d begin calculating incen- 
tives, and then it would take us six 
weeks to pay. After that, we’d spend the 
next four weeks putting out fires, mak- 
ing corrections. So we’d spend 12 weeks 
out of every quarter paying incentives.” 

The issue came to a head when 
Amersham named a new president, 


Overpayment of 


incentive and sales 
compensation 


Systems for track- 
ing commissions 
and bonuses 


Incentive man- 
agement systems 
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who spent his first 
weeks in office getting 
an earful from disgrun- 
tled salespeople. 

Eldridge evaluated 
payment software from 
several vendors, includ- 
ing Siebel Systems Inc. 
and Callidus Software 
Inc. Ultimately, he opt- 
ed to deploy Consho- 
hocken, Pa.-based 
Synygy Inc.’s compen- 
sation software under 
an application service 
provider modei. 

Amersham electroni- 
cally transfers its sales 
data to Synygy once a 
week, and compensa- 
tion payments are cal- 
culated and paid on an 
ongoing basis. Amer- 
sham pays Synygy a 
monthly fee that Eldridge declined 
to disclose, but he says the ROI has 
already been positive. 

“To calculate ROI, I looked at things 
like ‘shadow accounting,’ which is how 
much time sales reps were spending 
analyzing their reports for mistakes 
rather than spending it out in the field 
selling,” Eldridge says. He was also 
able to reduce his department’s head 
count by one full-time worker. 

The bottom line: “We used to spend 
four weeks after we paid salespeople 
fixing problems. Now, we don’t even 
spend a week because very few sales- 
people have problems with their pay- 
ments,” he says. D 


Not Your 
Average 
Paycheck 


Salespeople’s pay is based on 
a combination of ever-shifting 
factors. This year, for example, 
90% of companies will change 
their sales compensation plans, 
which typically include the fol- 
lowing metrics: 


a Profit 

= Quotas 

a Customer retention 

= Customer satisfaction 
a Team-based measures 
a Product mix 


SOURCES: THE ALEXANDER GROUP INC, AND THE 
AMERICAN COMPENSATION ASSOCIATION 
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NEW DB2. A SELF-STARTER 
IN THAT SELF-MANAGING, 


SELF-HEALING 
SORT OF WAY. 
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What keeps databases in game shape? DB2 v8, the most advanced self-managing 

database across Linux? UNIX® and Windows? Turbocharged querying and tuning 

saves time, resources and pushes productivity skyward. And, no matter what form © business is the game. Play to win.” 
your data is in, it lets you access, analyze and manage it. DB2. It’s part of the software 5 

team that includes Lotus? Tivoli® and WebSphere® Learn more at ibm.com/db2/new 
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Purchasing Tactics 


Business managers and chief 
financial officers are playing an 
increasingly important role in 

IT procurement, according to 
research firm Summit Strategies 
Inc. in Boston. Once a company 
decides to evaluate or do busi- 
ness with a vendor, Summit 
said, the business side will turn 
up the heat on the vendor using 
five tactics: 

& Testing the waters with small, 
measurable pilot projects. 

@ Forcing the vendor to share the 
business risk. 

@ Shifting to pay-as-you-go 
strategies. 

® Seeking offshore professional 
services support. 

@ Training the IT staff as contract 
managers rather than as pure 
technologists. 


Where We Work 


According to a recent survey, a 
majority (51%) of employees work 
off-site, but from various locations. 


On-site 
workers 
49% 


Ad hoc teleworkers 
15% 


Remote 


workers: 4% Customer 


—_— site workers 


Regular teleworkers: 7% 12% | 


BASE: 2.057 WORKERS AT COMPANIES 
WITH MORE THAN 500 EMPLOYEES 


Outsourcing Deals 
Are Falling Short 


Through 2003, senior executives 
will give failing grades to 50% of 
all outsourced IT deals because 
they don’t deliver the anticipated 
value, according to Gartner Inc. 


One problem is that many compa- | 


nies have failed to develop a com- 
prehensive strategy and instead 
try to fix problems and change 
contracts on the fly. Gartner esti- 
mates that fewer than 30% of 
companies have formal plans for 
managing long-term relationships 
with external IT service providers. 
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Working Hard: Making the 
Same Mistakes Over and Over 


BELIEVE that IT is not yet a profession because 
we do not learn from our mistakes. We do not 
change our behavior. We have not codified the 
body of knowledge gained from the past 40 years 
of experience, and we do not teach this knowl- 
edge in any coherent manner to those entering or al- 
ready working in the field. Massive, multimillion-dollar 
debacles are not just isolated occurrences in IT. They 


are the norm. 


We are all aware of The 
Standish Group’s studies of 
the past few years that docu- 
ment a 70% failure rate for IT 
projects. Some 30% fail out- 
right, and another 40% drag 
on for years, propped up by 
huge cash infusions until 
they are finally shut down. 

How can a group that has 
a 70% failure rate call itself a 
profession? What if surgeons 
had a 70 % failure rate? What 
if airline pilots had a 70% 
failure rate? Would they 
even be allowed to continue 
to practice their professions? 

People in the construction 

industry routinely build 

buildings that don’t fall down until they 
are torn down. We IT folks — many of 
whom have fancy advanced degrees — 
can barely build an accounting system 
that will survive a month-end close. 

Companies can’t afford to continue 
throwing money at IT projects and ac- 
cept the paltry 30% success rate that’s 
the current norm. Yes, the IT field is full 
of complexity. Yes, the pace of change 
seems overwhelming at times. Yet if we 
who claim to be professionals in the 
field can’t define a basic set of practices 
and use them to drastically increase the 
success rate of IT projects, then we have 
little reason to exist. 

I propose a set of seven design guide- 
lines and six organizational principles 
for developing information systems. 
These guidelines and principles should 
remain constant over time, regardless of 
the technology being used. They create 





a clear and accurate frame- 
work that codifies what has 
been learned about building 
information systems. The 
simplicity of the framework 
makes it readily under- 
standable so that it can be 
widely used. 


Design Guidelines 
A system design that re- 
spects all seven of these 
guidelines is the best. It’s 
still a competent design if 
one of these guidelines is 
violated, as long as it’s not 
the first guideline. If two 
guidelines are violated, 
there need to be very good 
reasons for doing so, and compensations 
must be made for those guidelines that 
are broken. If three or more guidelines 
are broken, then the design is seriously 
flawed, and the system can’t be success- 
fully built. 

The guidelines are as follows: 

1. Closely align systems projects to re- 
spond to specific business opportunities 
or needs. 

2. Use systems to change the competi- 
tive landscape. 

3. Leverage the strengths of existing 
systems to build new systems. 

4. Use the simplest possible combi- 


| nations of technology and business 


processes. 
5. Break the design of big systems into 
smaller subsystems to reduce the overall 
complexity and lower the risk of build- 
ing each subsystem 
6. Don’t try to build a system whose 





complexity exceeds the organization’s 
capabilities. 

7. Don’t renew a project that has failed 
once using the same system design and 
project organization. 


Organizational Principles 

If the design of a system respects the 
guidelines listed above, then the use of 
these six principles will ensure a suc- 
cessful project. If any one of these prin- 
ciples is ignored, then special precau- 
tions must be taken to compensate 

for that. If two or more principles are 
violated, then the project will flounder 
and fail. 

The principles are as follows: 

1. Make sure that every project has a 
qualified full-time leader with overall 
responsibility and authority. 

2. Define a set of measurable and 
nonoverlapping objectives that are both 
necessary and sufficient to build the 
system that’s the goal of the project. 

3. Assign project objectives (or sub- 
systems) to teams of two to seven peo- 
ple, with hands-on team leaders and the 
appropriate mix of business and techni- 
cal skills. 

4. Tell project teams what to do, but 
let each team figure out how to do what 
has been assigned to them 

5. Break project work into tasks that 
are each a week or less in duration and 
that produce usable subsystems every 
30 to 90 days. 

6. Provide office staff to work with the 
project leader and the team leaders to 
keep project plans and budgets up to 
date and accurate. 

We IT people need to understand 
these guidelines and practice these prin- 
ciples in different situations. The ability 
to do this consistently is what will deliv- 
er the successful results that enable us 
to truly call ourselves professionals. D 


THE SKILLS OF THE GAME 





| Visit our Web site to learn the six core techniques that 


every IT project team needs to master 
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New! APC solves top 4 rack problems. 


Benefit today from optimal cable management, With a full range of compatible APC components, 
TOP FOUR RACK-BASED PROBLEMS ee _ e ’ p 
effective cooling, and remote power distribution you can customize a solution to fit current avail- 
The NetShelter® VX rack enclosure supports your ability needs, and build upon this foundation as 
= PROBLEM SOLUTION entire data environment, including servers, net- future requirements change. Why wait? To find out 
working and communications, and storage devices. more today, visit us online at www.apc.com 
Cabling Additional enclosure depth for better 
Nightmares cable management and power distribution 
Next generation, high-quality enclosures 


Optimal cooling distribution and heat 


Spots . * Fully ventilated front and rear doors with enhanced ventilation rm maximize airfl 
= exhaust for rack environments y pattern maximize airflow 


+ Overhead, base and side cable access provides easy, integrated cable management 
+ Rear Cabling Channel (42” deep versions only) allows for easy installation, 

access and serviceability of both data cables and power distribution 
+ Available in multiple configurations: 35.5” deep, 42” deep, beige or black 


Brand Vendor-neutral mounting backed up by : 
ibility “Fits like a Glove”* money-back guarantee : S oe : ee 
- Economical solutions for wiring closets and networking applications 
* Designed to accommodate networking devices such as hubs, routers and switches 


Blown Circuit Monitoring of power and environment at 
Breakers rack helps avoid downtime 


* Industry standard 7’ high design provides 45U of equipment mounting space 
* Self-squaring design allows one-person assembly 
+ Made of high-strength 6061-T6 structural-grade aluminum 


Air Distribution Unit (ADU) (x-cranisien: 


2U rack-mounted fan unit distributes cool air to rack enclosure equipment. 
« For racks up to 3kW of power consumption on raised floors 
« Adds 30% efficiency air filtration to supply air for equipment intake 
« Delivers equalized airflow from the bottom to the top of the rack enclosure with dual fans 


« Adjustable depth to fit most leading enclosures 


Heat removal for enclosures in IT rooms and data center hot spots 

« Enables up to 7.5kW of power consumption in a rack, without taking up U space 

- Automatic fan speed adjustment leads to greater energy efficiency 
« Dual-power input cords allow the unit to attach to redundant power sources 
« Ducting kit to drop ceiling plenum allows higher temperature from equipment exhaust 
to be delivered directly to A/C retum stream 


e Distribution Uni . 


Distribute, monitor, and remotely control power in rack pa 


* Basic: Vertically and horizontally mounting with a range of amps 
and voltages 


* Metered: Ability to monitor the current draw and set alarm thresh- 
olds that when exceeded, provide both visual and audible alarms 
* MasterSwitch®: Advanced, remote power distribution and 


control. User configurable. Users can configure the sequence in = 
which power is provided to individual receptacles upon start up errs 


ERT 


fi 


Monitors environmental conditions in racks and rooms a. 
v- 
* Sensors continuously monitor the temperature and humidity ot environment  .—— 

= 


+ Four user-definable external inputs allow use with sensors for fire, A 


water, smoke, unauthorized entry and physical security b= S 
* Communicates information in a variety of formats to ensure that your application is supported 


4 
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Aa 


DELL * CISCO * LUCENT Rack-mount LCD monitors save space in IT environments 

eae mit * Provides on*timal functionality while utilizing only 1U (1.75") of rack space 
Fits Like a Glove” guarantees 

that all brands of EIA-310-D 
compliant equipment fit inside. 


FREE APC Rack Power Distribution 


Unit for the first 100 entrants! Arc 


Get yours today! Visit http://promo.ape.com Key Code j595y Call 888-289-APCC x6524 © Fax 401-788-2797 Legendary Reliability” 


©2003 American Power Conversion Corporation. All Trademarks are the property of their owners * E-mail: esupport@apcc.com * 132 Fairgrounds Road, West Kingston, Ri 02892 USA * APCIO3EF-US 
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Computer Systems Analyst 


Perform the role of Technical 
Lead. Analyze data process- 
ing requirements for software 
development, using Business 
Objects, Visual Basic, ASP, 
J2EE, Java, Weblogic, Data 
warehousing. Interface with 
project manager, customers 
and developers. Req. 2 yrs 
prev exp. Send resume to 
BLC Consulting, Human 
Resources, 26 Jefferson 
Court, Wethersfield, CT 
06109 


eking qualified applicants for 
the following positions in Mem- 
phis/Collierville, TN: Senior Busin- 
ess Application Analyst. Act as 
liaison between technical devel- 
opers and users/customers 
Requirements: Bachelor's degr 
ee* in computer science, busi- 
ness, math, engineering or related 
field plus 5 years of experience in 
analyzing business systems and 
developing technical automated 
solutions. Experience with SQL 
CGI environment and J2EE envi- 
ronment also required. “Master's 
degree in appropriate field will off 
set 2 years of general experience. 
resumes to Sibi George 
FedEx Corporate Services, 1900 
Summit Tower Bivd., Suite 1400. 
Orlando, FL 32810 EOE 
MWF/D/V 


ISAT 


Programmer Analyst Positions 
Multiple Openings 


Lenexa, KS lab company looking 
for professionals to perform main- 
tenance on legacy systems. Must 
have a permanent work visa. Must 
have BA in Computer Scien: 
related field and 2 years experi 
ence 
Send resume, including salary his: 
tory to: Human Resources at 913 
859-6989 or jobs@labone.co 
Joo/benefits line: (913 
www.labone.com. EOE M/F/D/V 


Management Analyst 
Conduct analysis on compa- 
ny’s management information 
financial and business data to 
make suggestion to the man- 
agement; and conduct market 
ing research and study in com- 
puter parts wholesales and PC 
networking products. Min 
Bachelor degree in manage- 
ment or business plus 1 year 
exp. in job offer or 2 years 
relaied management exp 
Send resume to HR, Computer 
Byte Technologies, LLC 
33838 Pacific Hwy S, B-104 
Federal Way, WA 98003 


| Programmer Analyst. 

| Experience w/ C++, 
VB, Java. Must have 
BS in CS, Comp 

} Eng., or EE. Must 

| have authority to 
work in US. Send 
cover letter and 

|} resume to Jennifer 
clo PCS at 1415 N 
Dayton, Chicago, IL 
60622. 


J2EE Developer: Design, imple- 
ment, and test the web applica- 
tion using HTML, JavaScript, 
DHTML, CSS, XML, Java Serv- 
lets, and JSP. Implement server 
side functionalities using EJB 
JMS with the Weblogic applica- 
tion server. Req. Bachelor 
Degree or equivalent in CS, CIS. 
Engineering, or related field with 
nine months exp. in job offered or 
as programmer. Must be profi- 
cient in Java, JavaScript, JSP, 
Java Serviets, XML and SQL 
Server. 40hr/week, 9-5. Contact 
Business Computer Applications 
at 2180 Satellite Bivd., Ste. 325 
Duluth, GA 30097 


Software Engineer: Design, 
develop, implemeni, maintain, 
troubleshoot the network 
infrastructure, data communi- 
cations & associated hard- 
ware.Exp with Windows NT 
server, Cisco Routers 
LAN/WAN, switches & hubs 
Req MS in Comp. Sci 
Engg/Rel field with 2 yrs exp 
or BS with 5 yrs exp. Wages: 
$78,000/yr, 40 hrs/wk, 8am- 
5pm. Send 2 resumes to 
Case#200114223, Labor Ex 
change Office, 19 Staniford 
St. 1St FI., Boston, MA 02114 


Software engg or other IT profes- 
sionals wanted. Duties include 
design, develop, test, code & 
implement software applications 
and computer systems to meet 
client's needs; customize appli- 
cation including a special soft- 
ware application QC Manager 
3.0 to improve data review and 
reporting and enhance manage. 
ment; perform system testing. 
use Window 2000 Server, SQL 
Server, Kava Charts 3.0; VB 
Oracle, SQA Robot. Require: MS 
or equivalent (BS with 1-5yr exp. 
in IT field). Send resumes to 
Infomeric, 3711-C University Dr 
Ste. 4, Durham, NC 27707 


Sys/Prog. Analyst with experience 
in E-Commerce. Applicant would 
assess the current environment 
provide recommendations for 
achieving highly secure solutions 
within the required time frames, 
ide remediation assis- 
training. Prepare work 
Plans, status reports and conduct 
briefings. Assist in the 
pment and presentation of 
proposals. MS in IS or equivalent + 
1 yr. Exp. in s/w design, develop- 
ment and implementation. Experi- 
ence with SDLC, OOPS, XML 
ASP.NET, VB, SOAP, payment 
gateways (using either XML 
C/C++, Java API's) is required 
Apply to point b inc., PO Box 955. 
Pierre, SD 57501 


TAMKO Roofing Prod- 
ucts, Inc. seeks Computer 
Programmer in our Joplin, 
MO loc. Pos. involves 
coding and testing, work 
with data, draw flow- 
charts, write operator 
instructions. Must have 
BS in Computer Science 
or related field + 2 yrs rel- 
evant experience. Send 
résumé to TAMKO Roof- 
ing, 220 West Fourth 
Street, Joplin, MO 64801. 
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Manager, Software Develop- 
ment sought by NJ based 
Securities Dealer for position 
in Jersey City, NJ office. Must! 
possess Bachelor's degree or’ 
equivalent in Computer 
Science or directly related 
field and 5 years exp. in soft- 
ware/systems development 
and design including C/C++, 
JAVA, PL/SQL. Respond to 
Human Resources Depart- 
ment, KFP02-095, Knight 
Financial Products, 130 
Cheshire Lane, Suite 102, 
Minnetonka, MN 55305 


Sr. Database 
Administrator 


Oversees client/server appli- 
cations, build using Visual 
Basic & Oracle. Installs, main- 
tains, supports & enhances. 
applications. Req Bach in any 
field & 2 yrs exp in the job/2 
yrs exp as Programmer, 
Analyst Jobsite West 
Greenwich, Rhode Island 
Send ad & resume: Yen C 
Chong, Amgen inc., One 
Amgen Center Dr., Thousand 
Oaks, CA 91320-1799 
Include Ad# 02-449FV. 


VT consulting co. with clients on 

the East Coast needs 

* SAP R/3 Ali modules, APO. 
CPCC 

+ C, C++, VC++, PB, VB, .Net. 
Unix, Brokerage 

+ J2EE, HTML, ASP, Vignette 

+ DBA-Oracle/SQL/Sybase. 
DB2/UDB 

* Legacy systems conversion 

* QA testers / Network Analysts 

Mid and Sr. positions. Bachelors 

with min. 1 year of exp. Salary com- 

petitive. Re-location required 

Send cover letter and resume with 

salary requirement (Mention 

VTREQ0301 in subject) to 

resumes@syncrotechnologies.com 


Computer Program Analyst 


International Advanced 
Business Computing, Inc 
now has 2 Computer 
Program Analyst positions 
available. Incumbent should 
hold a BS in Computer 
Science or Engineering and 
have at least one (1) year of 
experience in the industry. 
Please send your resume 
and credentials to Human 
Resources at IABC, 5634 
Owens Drive, Suite 208, 
Pleasanton CA 94588 


Exp'ed Prog/Sys Analysts, S/W 
Enggs, DBA's required to design 
develop appis using some oi the 
foll: C, C++, VB, PB, Dev 2000. 
Pro*C, Java, J2EE, HTML, JDBC. 
EGRET, EPI-INFO, XML, JSP, 
Serviets, ASP, SQL, COBOL 
CICS, VSAM, XGEN, packages 
(SAP, BAAN, Oracle, Peoplesoft) 
web/wireless/internet technologies, 
data warehousing and decision 
support appis with MS SQL Server. 
Sybase, Oracle, DB2 on MVS 
UNIX, Windows, UNISYS plat- 
forms. Ail positions req. BS/MS or 
foreign equiv in CS/Engg./Sci./ 
Math/Buss.Admin /related field with 
relevant exp. High salaries. F/T. 
Travel required. Resumes to: HR 
Salem Associates, Inc., 405 6th 
Ave., Ste 102, Des Moines, IA 
50309. 


Manhattan Associates, Inc., a 
worldwide leader in supply 
chain execution systems is 
looking for IT professionals to 
join our team at our Atlanta, GA 
& Burlington, MA locations 
Openings include the following 
technologies: C++, XML, Java, 
JSP, HTML, EJB & J2EE, 
COM, VC++ & VB. Some posi- 
tions req masters &/or substan- 
tial travel. To be considered 
Must be authorized to work 
perm in US. Resumes to: J 
Lurey, Manhattan Associates, 
2300 Windy Ridge Pkwy, 7th 
FI.N, Atlanta, Georgia 30339. 


Systems Admins to pian, imple- 
ment, maintain and troubleshoot 
LAN/WAN installations; install, 
maintain, administer IS Web 
Servers, SQL Server, Windows 
UNIX, LINUX; design, develop 
systems for transmission of 
voice/image data within multiple 
network environments; install 
upgrade network computer 
hardware/software Require 
B.S. or foreign equiv in 
CS/Engg. (any branch) with 2 
yrs exp in sys. administration 
High salary. F/T position. Travel 
involved. Resumes to: HR, ACT, 
3355 Breckinridge Blvd. Suite 
128, Duluth GA 30096 


Programmer/Analyst 


Integrate computer systems 
for 10 jewelry stores: 
Analyze systems, determine 
req. & plan interface. Create 
& test prototypes. Perform 
project adm. & network 
mgmt. Reg.: Assoc. Deg 
Comp. Sci. or related or 
equiv., and 2 yrs. exp in job, 
or 2 = yrs as Comp 
Programmer. Resume to: 
Gold ‘N Diamonds, Inc., 250 
Spring St., #6£320, Atlanta, 
GA 30303 


SAS Programmer: Provide com- 
puter support and programming 
services to facilitate the data 
management and analysis for 
CDC. Write SAS programs for 
data analysis, coordinate, devel- 
Op, and maintain large databas- 
es and applications, and provide 
data, graphics, and analysis to 
appropriate branch personnel 
Req. BS in CS or related field 
Must be proficient in SAS/AF 
SAS/FSP, SAS Intrenet, and 
Base SAS 40hr/wk 9-5 
Contact Business Computer 
Applications, inc. at 2180 
Satellite Bivd Suite 325, 
Duluth, GA 30097 


NEED TO HIRE? 
SSN a eee eld 


ITcareers and |Tcareers.com 
reach more than 2/3 of all US 
IT workers every week. If 
you need to hire top talent. 
Start by hiring us 


Call your !Tcareers Sales 
Representative or Nancy 
Percival at 
1-800-762-2977 


ITCAREERS 


IT/Careers 


LON ee 
NETWORK WORLD, 
COMPUTERWORLD, 
AND INFOWORLD 
HELP YOU Do 
A BETTER JOB. 


Now Let Us HELP 
YOU GET ONE. 


CALL: 
ire1 01ers 


IT|careers 


2-297 7 





IT;|\Careers.com 


SOFTWARE ENGINEER 
Requirements: developing banking 
and financial applications using 
Oracle and utilities as a backend 
and Oracle software development 
tools as the front end. Developing 
Data Warehousing project using 
Oracle as a backend. Ability in 
using Pro*C, PL/SQL, Visual Basic. 
Developer 2000 and Oracle utili- 
ties. Knowledge in UNIX, MS-DOS. 
Windows 3.0/98/NT operating sys- 
tems. The job duties are: Analysis 
of current procedures and prob- 
lems to refine and convert the data 
to programmable form; determine 
output requirements; study existing 
system to evaluate effectiveness; 
upgrade systems presently in use: 
develop, test, and implement new 
software; observe functioning of 
newly implemented systems and 
programs for trouble areas; correct 
systems/programs as necessary. 
Requires Master's in Computers or 
Sciences or equivalent, no experi- 
ence necessary. 40 hours per week 
at $71,000 per year. Please send 2 
of resume to Case 
Labor Exchange 
19 Staniford St, 1st Floor, 
Boston, MA 02114 


SENIOR APPLICATIONS DEV- 
ELOPER (SENIOR SOFTWARE 
ENGINEER) - 40 Hours Per 
Week, 9 am. - 5 p.m 
$68,453.00 per year, Located in 
Miami, FL. Requires Bachelor's 
Degree or U.S. equivalent in 
Computer Science or 
Management Information 
Systems and 4 years experi- 
ence in the job offered or related 
occupation of any combination 
of Software Developer and/or 
Software Engineer. Design 
develop and implement medium 
to complex client Server applica- 
tions. Support and maintain 
existing applications in a Client 
Server environment. Use and 
adhere to a Software 
Development Life Cycle 
Process. Interact with business 
clients to produce meaningful 
business requirements. Develop 
and maintain detailed project 
plans and resource estimate for 
projects. Excellent programming 
skills in any/all of the following 
Powerbuilder, Visual Basic 
Oracle Developer and working 
knowledge of Oracle, SQL 
Server databases. Send resume 
to maria.ferrante-wilson@coul- 
ter.com at Beckman Coulter, Inc 
An EOE 


Software Engineer. Analyze 
s/ware dvipmt project reqmts. 
dsgn objects & algorithms 
impimt s/ware dvipmt project 
solutions; write test cases for 
quality assurance testing of 
s/ware. Req: BS in Engg, Comp 
Sci or related field + 2yrs exp in 
job offd or as S/ware Dvipr or 
similar duties under a different 
job title. 2 yrs exp w/CAE s/ware 
dvipmt, C++ lang & object-ori- 
ented modeling, MS Dvipmt 
Studio, Windows NT OS. Exp 
w/modeling real world engg 
systms w/simulation s/ware. 
Demonstrated know! of data 
architecture & dsgn in engg 
s/ware systms, incl Comp Aided 
S/ware Systms. 40hrs/wk 
$60K/yr. Must have proof of 
legal auth to work in US. Send 
your resume to IA Workforce 
Center, 1700 S. 1st Ave., lowa 
City, IA 52244-2390. Please 
refer to JO  1A1101698 
Employer paid ad. 


Software Test Engineer to work 
under supervision to conduct 
performance tests on risk 
assessment software using 
object oriented technologies 
including C++ and Apache Ant 
Apply knowledge of statistical 
and probability mathematics and 
programming to test and/or 
modify risk assessment algo- 
rithms. Requires a Bachelor's 
degree in Computer Science 
and 2 years experience. 
Oakland, CA job location 
Contact L Phillips, ABS and 
Affiliated Companies, 16855 
Northchase Dr., Houston, TX 
77060. Refer to job HC-QAE 


CW030331E/W/MW 2 


SOFTWARE ENGINEER: duties 
include: design, build, maintain, 
and enhance a desktop system 
using Microsoft technologies 
including VB 6.0, SQL, and MS 
Access which will track and 
administer executive deferrals in 
a non-qualified 401(K) plan; 
work with Web Application 
Developers in the web-enable- 
ment of this product; design and 
ensure database integrity 
improve system optimization on 
a variety of platforms; work in 
conjunction with software quality 
analysts to define testing para- 
meters and enhance system 
performance. SE will also 
design, build and maintain an 
internet-based financial applica- 
tion integrating financial prod- 
ucts of multiple carriers 
Involves load balancing and sys- 
tems optimization. Min reqt's: 
BS/BA (foreign equivalent 
accepted) in CS, IT, Engineering 
or related and 18 mths of exper. 
in the job offered or 18 mths 
exper. in related occup. as an 
Analyst, Engineer, Programmer 
or any related occup. 18 mths of 
exper. may be pre or post 
BS/BA. PLUS, must have work- 
ing experience with VB, C, C++ 
and MS Windows Operating 
Systems. Must have experience 
with document tracking function. 
ality of multinational financial 
modules. Basic pay is $56,763 
per year for full-time employ- 
ment (Mon.-Fri., 9-5) and stan- 
dard company benefits. EEO 
Submit 2 resumes and respond 
to Case No. 200115410, Labor 
Exchange Office, 19 Staniford 
Street, 1st Floor, Boston, MA 
02114. 


Principal Consultant Software Eng- 
ineer/Developer to serve as a lead 
technical consultant responsible for 
analysis, design, development, and 
implementation of Web applica- 
tions for both Internet and Intranet 
Will work with tearm of developers 
using Java and C/C++ under Win- 
dows and UNIX to develop, test 
and debug client/server apolica- 
tions in development environments 
including Symantec Cafe, Visual 
J++, or Visual C++. Will perform ail 
graphical user interface (GU!) and 
database development for various 
systems. Will establish and monitor 
project plans, working directly with 
user community for project defini- 
tion. Will provide technical evalua: 
tion estimates on initiatives and 
maintain user-external group rela- 
tionships. Requires Bachelor's de- 
gree in Computer Science, Engin- 
eering, Mathematics, or Physics 
and six (6) years experience in job 
offered OR six (6) years experience 
in developing client/server applica- 
tions. OR, in the alternative, Mas- 
ter's degree in Computer Science. 
Engineering, Mathematics, or Phy- 
sics and four (4) years experience 
in job offered OR four (4) years 
experience in developing client/ 
server applications. Candidate 
must also possess demonstrated 
expertise developing applications 
in Java and C++, as well as dem- 
onstrated expertise in OO design 
and analysis. Salary: $97,500/yr: 
Mon-Fri, 9:00AM-5:00PM.Submit 
two copies of resume to Case # 
200116237, Labor Exchange 
Office, 19 Staniford St, 1st fi 

Boston MA 02114 EOE 

Applicants must be eligible to 
accept full-time employment in U.S. 


Programmer Analysts for IT 
company in Harrisburg, PA to 
research, design, test & develop 
computer software systems & 
applications using ASP, HTML 
DHTML, Peri, JIS, |-planet 
Webserver, Oracle, CRM tools & 
apply principles & techniques of 
computer science. Use operat- 
ing system Win NT. Bachelors or 
equivalent in Computer 
Science/Science/Engineering or 
equivalent plus 2 years experi- 
ence in job offered. Will accept 
any equiv combin of edu, train- 
ing &/or experience that meets 
the minimum requirements 
Resume to: Sysallies, Inc-a divi- 
sion of Advanced Data Systems 
at 3863 Union Depost Road. 
Harrisburg, PA 17109, Email 
aj@adsincorp.com, fax: 717- 
561-4263. 


TI: ca 


SDG Corporation 
Seeks software professionals to 
work in West Chester, Ohio with 
experience in any six of the fol- 
lowing technologies: Oracle, 
LDAP, Unix, MS, SQL server. 
Java,Web Logic, Rational Rose. 
Apache and Planet Server 
Oracle Application DBA 
(Norwalk, CT.), required experi- 
ence in team leadership, design- 
ing and administering Oracle. 
ERP, and distributed database 
architecture solutions under 
Windows NT, and Unix 
Relocation within USA possible. 


Security Architect: (Norwalk CT.) 
required experience in design- 
ing, implementing and managing 
networks based on NT, Unix and 
Novell including design and 
implementation of network secu- 
rity systems. Relocation within 
USA possible 


Oracle Applications DBA 
Norwalk, CT. Require experi- 
ence in team leadership and 
designing and administering 
Oracle ERP and distributed 
database architecture solutions 
under Windows NT and Unix 
Relocation within USA Possible 
Attractive compensation pack- 
age 


Software Engineer (QA) - 
Norwalk Ct. Job entails and 
requires experience in develop- 
ment and testing of applications 
using DHTML, Oracie, Unix 
SQL Server and Visual Basic 
Require Bachelors and 1 year 
experience 


Attractive compensation pack- 
age. Send resume to Catherine 
Fanucchi @ SDG Corp., 65 
Water Street Norwalk, Ct 06854 


TechNation Software Consui- 
ting, Inc, a software consulting 
company with its main place of) 
business at Sioux Falis, SD has 
a position for a software profes- 
sional whose duties will involve 
gathering requirements, doing 
business analysis and proposing 
solutions for IT needs of health- 
care and pharmaceutical indus- 
try. The individual will build and 
lead a team to develop solutions 
for scftware dealing with clinical 
trials for the pharmaceuticai 
industry 


Job Requirements: Bachelors 
degree with a concentration in 
computer science or equivalent 
with additional coursework in 
Medicine or pharmacology 
Should have knowledge of clini- 
cal trials along with a minimum 
of 3 years experience in soft- 
ware programming, Analysis 
and three years experience in 
business development 


TechNation provides onsite-con- 
sulting services to clients across 
the United States and hence a 
key requirement for this position 
is that candidates must be will- 
ing to relocate across the coun- 
try for periods between 3-6 
months or as needed 


Send resumes to Rona Troff. 
300 N. Dakota Ave. Suite 
#505B, Sioux Falls, SD 57104 or 
email rtroff@tnscinc.com 


Senior Network Engineer. Naper- 
ville, IL. Research, design, cevel- 
opment, testing, implementation 
and configuration of LAN’s, WAN’s 
and related equipment and compo- 
nents. Work with Cisco networks. 
Cisco IP Telephony, and informa- 
tion systems security. Required: 
Bachelor's degree in computer sci- 
ence/engineering/mathematics/rela 
ted, and all of the following certifi- 
cations: Cisco Certified Internet- 
work Expert (CCIE), Cisco IP 
Telephony Support Specialist 
(CIPT), and Certified Information 
Systems Security Professional 
(CISSP). Employer will accept US 
or foreign equivalent of Bachelor's 
degree in computer science/engi- 
neering/mathematics/related. NO 
PHONE CALLS. Forward resumes 
to: CDS Office Technologies, Mr. 
Michae! Patterson, 612 South 
Dirksen Parkway, Springfield, IL 
62703 


REERS 


PRINCIPAL EMBEDDED 
SOFTWARE ENGINEER 
Duties include: As the technical 
leader of the development team, 
PESE is responsible for devel- 
oping specifications, architec- 
tures, design, implementation 
unit testing, integration, and 
maintenance of embedded soft- 
ware on a DSP platform. Daily 
duties include: writing the func- 
tional specifications, decompos- 
ing the functional specifications 
into component requirements 
and estimating the time-to-com- 
plete based on the requirements 
and preliminary design informa- 
tion; leading architecture devel- 
opment efforts; maintenance of 
‘existing DSP firmware to sup- 
port existing and future software 
releases; and mentoring junior 
engineers. Daily work with: the 
TRxStream series product line 
which consists of PCi and cPCi 
voice, IP telephony, fax, and 
telephony hardware, embedded 
software (firmware), device dri- 
vers, and APis. Min. Reqts 
BS/BA (foreign equivalent 
accepted) in CS, IT, EE or relat- 
ed field of study AND 8 years of| 
experience in the job offered OR 
8 years in any occupation with 
experience with development of! 
real-time embedded systems. 
PLUS, must have demonstrated 
experience and working knowl- 
edge of the following: (1) 
Programming | skills: C/C++ 
expert; Tl DSP assembly lan- 
guage program.; and real-time 
embedded systems program. (ie 
real-time speech compression 
digital filtering & tone detection); 
and (2) Voice over IP and PSTN 
telephony technologies and pro- 
tocols. Basic pay range is 
$90,000 to $110,000 year for FT 
(9-5) and standard company 
benefits. EEO. Submit 2 
resumes and respond to Case 
No. 2001 16454, Labor 
Exchange Office, 19 Staniford 
Street, 1st Floor, Boston, MA 
02114, 


Lead Web Applications Developer 
for Montgomery, AL office, to devel- 
‘op & maintain large-scale internet/ 
intranet applications. Assist in site 
architecture creation & develop 
linkages between enterprise/legacy 
system & online sites & services 
using knowledge of client-server 
architecture & relationa! database 
systems & applications. Migrate & 
integrate Customer Relationship 
Management (CRM) Tools with 
Genesys CTI. Work with advanced 
web development & maintenance 
tools such as HTML, JavaScript 
SQL, Photoshop, ASP. XML, CGI. 
etc. Evaluate & recommend third 
party vendor technologies & devel- 
op growth plans Required 
M.S.C.S. & 2yrs. exp. M-F, 
40/hrs/wk. Frequent relocation 
within the U.S. may be necessary. 
Send resume to J. Zurich, HR 
A#18, AC Technologies, Inc., 2751 
Prosperity Avenue, Suite 500 
Fairfax, VA 22031 


SAP Information Systems Consult- 
ant Analyze, design, develop & 
implement complex IT projects 
using SAP ABAP/4 for production 
planning & materials & warehouse 
mgmt. Design customer specific 
programs using ED! & ALE. Map 
interfaces from legacy systems. 
Provide technical alternatives & 
expertise to ensure effective IT 
implementation & quality control 
May train Analysts. investigate 
emerging IT & suggest improve- 
ments. Write technical papers. 
Consult w/all levels of IT organiza- 
tion & external IT personnel. Must 
be willing to travel to project sites 
throughout US 20-25% of time. 
Must have BS in Comp Sci 
Engineering, Business or related 
field + 3 yrs exp in job offered or 
SAP Programmer/Analyst. 8:30am 
-5pm, M-F. OT as needed 
$101,645/Yr. Reply to Job Order 
#WEB313901, Manager, Beaver 
County Team PA CareerLink, 2103 
Ninth Ave., Beaver Falls, PA 
15010-3957 


NETWORK ADMINISTRATOR 
Duties include: Maintain compa- 
ny’s interna! network systems. 
workstations and infrastructure. 
including routers, firewalls, and 
switches. Diagnose, research 
tests, and analyze data to rec- 
ommend communications hard- 
ware and software. Install com- 
munications hardware and soft- 
ware. Troubleshoot and identify 
areas of operation, which need 
upgraded equipment, such as 
modems, fiber optic cables, and 
telephone wires. Develop and 
write procedures for installation 
use, and solving problems of 
communications hardware and 
software. Monitor system perfor- 
mance and efficiency. Train 
users in use of equipment and 
software. Maintenance of Cisco 
7200 & 2600 Routers and 
Checkpoint IP400 & IP110 
series Firewalls. Min. Reqts. 
BS/BA (foreign equivalent 
accepted) in CS, IT, EE or reiat- 
ed AND 2 yrs exp. in the job 
offered OR 2 yrs exp. in related 
Occup. as systems analyst, sys- 
tems engineer or related occup 
PLUS, must have demonstrated 
knowledge of: (1) Implementing 
administering and configuring 
Windows NT 4.0 Server, NT 
Workstation, and UNIX Network 
Systems; (2) Installing and 
maintaining network systems. 
including routers, firewalls. 
switches and email accounts 
and (3) Installing and maintain- 
ing Cisco 7200 & 2600 routers. 
Checkpoint IP400 & IP110 
series firewalls, and PIX fire- 
walls. Basic pay RANGE is 
$47,000 to $65,000 per year for 
full-time employment (Mon-Fri 
9-5) and standard company 
benefits. EEO. Submit 2 
resumes and respond to Case 
No. 2001 14866, Labor 
Exchange Office, 19 Staniford 
Street, 1st Floor, Boston, MA 
02114. 


Technical Project Manager 
Manage direction & control of soft- 
ware development for credit & 
debit cards, visa & master cards 
define project plans for personnel, 
finances & equipment, test & im- 
plement software for credit & debit 
cards, coordinate stages of dev. for 
credit cards, works w/ design & 
specs of different systems models 
for collections of delinquent acct. 
authorization, works w/ data 
design & implementation using 
oracle, works w/ MS project, MS 
word, MS excel, Outlook & Power 
Point, design & develop improve- 
ments of systems production 
define & manage implementation 
of upgrades, maint. Electronically 
System Manuals, Tech. Specs 
Users & Operation Manuals, up- 
date & document the working 
chronograms of assigned projects. 
40 hrs per wk M-F 9AM-5PM, BS 
in System Engineering & 2 yrs exp. 
in job offered. Send resume to 
Technicard, inc. Attn: Oscar 
Galvez/Carios Balladares 3191 
Coral Way Suite 800, Miami 
Florida 33145. 


Computer Support Spe- 
cialist Analyze user 
requirements and busi- 
ness procedures and 
problems to automate 
processing & improve 
systems, design and inte- 
grate systems to facilitate 
business strategy. Bach. 
plus exper. required 
Competitive salary. Send 
resumes to MSI, 800 N.E. 
195th St. North Miami 
Beach, Florida 33179. 


Computerworld + InfoWorld * Network World * March 31, 2003 
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Senior Programmer Analyst 
Duties include: Under general 
direction, the SAPA formulates 
and defines systems scope and 
objectives in order to design 
develop and or modify informa- 
tion systems. Working indepen- 
dently with little direct supervi- 
sion will assist Project Leader in 
the development of detailed sys- 
tem specifications for major sys- 
tem installations. Duties inciude 
define business systems 
requirements; perform feasibility 
studies to analyze cost/benefit 
trade-off of system solutions; ini- 
tiate systems design specifica- 
tions and documentation; code 
programs; generate program 
test data and troubleshoot pro- 
grams; and provide technical 
guidance to less experienced 
Programmer/Analysts 
Demonstrated aptitude towards 
problem identification, resolu 
tion, and comprehension and 
interpretation of technical proce- 
dures. Min. Qual.: BS/BA (for- 
eign equivalent accepted) in CS 
IT, EE or related AND 2 yrs of 
exp. in the job offered OR 2 yrs 
exp. in related occupation in pro- 
gramming or systems analyst or 
related occupation. PLUS, must 
have: (1) demonstrated experi- 
ence and knowledge with all 
processes involved in systems 
analysis and programming 
including design factors. IW 
and SW requirements, system 
facilities, and job contro! proce- 
dures; (2) Technical proficiency 
in the development, implemen- 
tation, and maintenance of sys- 
tems gained through exposure 
to at least one major systems 
installation and 3) 
Demonstrated experience with 
the following computer lan- 
guages/systerm Cold Fusion 
Java, JavaScript, and MS SQL 
server. Basic pay range $60,000 
to 68,000 per year, full time, 40 
hrs/wk company benefits. EEO 
Submit 2 resumes and respond 
to Case No. 200115601, Labor 
Exchange Office, 19 Staniford 
Street, 1st Floor, Boston, MA 


Multiple openings at Norcross. 
GA and Imperial, PA for 
Prog/Sys Analysts, DBA’s, S/W 
Engineers to design/develop 
S/W appis using some of the 
fol-COGNOS, datawarehous- 
ing; Cobol, CICS, DB2; Java 
PB, HTML, XML; C++, VB. 
Oracle, Dev 2000; wireless 
web, OO technologies; SAP 
ABAP/4; Oracle/Sybase/Infor- 
mix database admin; Unix/NT 
system admin. B8S/MS or for- 
eign equiv. in CS, Engg 
Science, Math, Business or 
related field and relevant exp 
High salaries, F/T. Travel 
involved. Indicate office location 
desired. Respond to: HR 
Smartsoft International, Inc 
4898, South Old Peachtree 
Road, Ste 200, Norcross, GA 
30071 


Gambro, Inc. seeks applicants 
for position as Sr. Software 
Developer to work in Lakewood 
CO to be responsible for full life- 
cycle software development in 
C++ and Oracle database man- 
agement systems for informa- 
tion systems and business appli- 
cations in blood bank technolo- 
gy. Position requires a bache- 
lor's degree in computer science 
or electrical or electronic engi- 
neering and 2 yrs as a software 
developer using C++ and 
RDBMS and developing user 
interfaces and business applic3- 
tions including 1 yr. exp. working 
on blood banking info technoio- 
gy Also requires working 
knowledge of Oracie 8i 
PL/SQL, ADO and Object-ori- 
ented analysis and design 
Respond by resume to Mark 
Genkinger, Gambro, Inc., 10811 
W. Collins Ave., Lakewood, CO 
80215 
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BEA Systems, Inc. currently has opportunities available for the follow- 
ing positions (various levels/types) for locations throughout the U.S. 
including CA (San Jose & San Francisco); CO (Boulder, Denver. 
Colorado Springs); WA (Seattle & Kirkland); MA (Burlington); and NJ 


(Liberty Corner) 


Software Engineers* 
Systems Analysts 


Database / Systems Administrators 
Product / Project / Technical Manager 


“Travel may be required 


Please reference CW403 when you apply 


Send resume to BEA Systems. 
HR-Staffing, 2315 North First Street, Sar 
Jose, CA 95131. Fax: (408) 570-8958 
E-mail: Refer to career 
of www.bea.com. Principals only. EOE 


SAP CONSULTANTS Dev- 
elop & implem functional 
modules such as Fi/CO 
MM, SD, PP. ABAP Progr. 


PROGR ANALYSTS & 
DESIGN ENGINEERS 
Design, develop, implem 
data migration, testing of 
Bus Appin, PDM systems- 
Metaphase/ Windchill 
Enovia, Auto Components 
Skills such as C, C++, Java 
Oracle RDBMS, SAP 
Unix.CATIA,Pro Engineer 
CAD/CAM req'd. ICAD & 
other KBE OO sys devel 
need CAD/CAM/CAE exp 


BS, MS or equiv in CS 
Mech, EE, Bus Adin 
Finance or related field; & 
1-5 yrs exp in the req'd 
area 


Positions available in 
Detroit, MI & at client sites 
throughout US. Pis mail 
resume to HR, 33533 West 
12Mile Rd #131 
Farmington Hills, Mi 48331 


COMSYS is an established !T 

consulting firm that serves lead- 

ations including 174 

the Fortune 500. With COM- 

SYS tL Extensive 
Benefits 

sation for 


J Compen- 
referrals and 
Professional Challenges with 


training and assignments to 
keep you at the forefront of 
technology. With 30 offices, we 
of experi 

onsultants across the 


ystems Analyst 
* Software Engineers 
« User Support Specialists 
* BA's 
* Business Analysts 
* Project Leaders 


(CON ASYS 


Biue Star Infotech is hiring 
all levels of Software 
Engineers, Prog/Analysts 
Bus Analysts (technical) 
Business Dev. Heads 
General & Operations 
Managers, Project Mana- 
gers & Database Admin- 
istrators. Send resumes 
to Neerja Prashad, Blue 
| Star Infotech, 550 Valley 
Way, Milpitas, CA 95035. 
May be placed at client 
sites nationwide 


section 
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DATABASE ADMINISTRATOR 


Database Administrator to do 
logical and physical design of 
Oracle 11i database; Code test 
and implement Oracle scripts 
applying knowledge of Database 
Management Systems; Calcu- 
late optimum values for Oracle 
database parameters; perfor- 
mance tune Oracle databases 
Model Oracle database security 
manage backup and recovery of 
Oracle databases make 
changes to Oracle database 
applications using knowledge of 
Oracle Applications 111 
Discoverer 4i, VHDL, Jinitiator 
and NLS/MLS. Requirements 
Bachelor's Degree or equivalent 
in Computer Science or related 
field and two years experience 
as a Database Administrator 
expertise in Oracle database 
administration which includes 
logical design, physical design 
performance tuning, backup and 
recovery, coding of scripts 
knowledge of Oracle Applic- 
ations 11i, Discoverer 4i, VHDL 
Jinitiator and NLS/MLS. Salary 
$85,000/year. Working Condi- 
tions: 8:00 A.M. to 5:00 P.M., 40 
hours/week, involves extensive 
travel and relocation. Apply 
Fayette County Team PA 
CareerLink, Attn: JS Supervisor 
32 lowa St, Uniontown, PA 
15401, Job No. WEB314978. 


COMPUTERIIT 
Operations Info Systems Eng 
Req Bach deg or equiv foreign 
edu in Comp Eng, Comp Sci or 
Info Systems & 4 yrs of exp in 
the job offered or 4 yrs of exp in 
systems analysis. All of exp 
must incl info systems & soft- 
ware analysis, maintenance 
implementation & reporting 
Must also have exp managing 
integral info syst projects, incl 
coord activities of other related 
depts, incl sales, production & 
accounting depts. Must have 
worked w/business reporting 
systems. Must be fluent in 
Spanish & English. Exercise 
resp for the operation of key info 
syst & software analysis, main- 
tenance, modific., implem. & 
reporting activities & produce 
standard monthly info syst activ- 
ity & status reports for mgmt. Util 
knowl. of HFC tech, assist in 
analysis & negotiations for fiber 
im. systems. 40 hrs/wk 
resume to The Pattillo 
Companies Ltd., Attn: HR Dept 
P.O. Box 67, Tucker, GA 30085 
and/or resume@ecelero.com 


Analysis programmer | & Il 
positions available for phar- 
maceutical research company 
PRA international at Lenexa 
KS. Requirements include 
B.S. in computer science 
software engineering or infor- 
mation technology and relat- 
ed experience in analysis pro- 
gramming, statistical data 
analysis and clinical database 
Programming in either a med- 
ical or pharmaceutical setting 
Send resume to Hilary Reed, 
16400 College Bivd, Lenexa, 
KS 66219. 


| enV ach es 


(Micro/ Web) - 
Multiple Openings 


Structured systems analysis, de- 
sign, development, testing, quality 
assurance, implementation, inte- 
gration, maintenance and support 
of integrated client-server based 
systems for business, financial 
banking, manufacturing and other 
commercial business application 
systems in a multi-hardware/multi- 
software environment using cen- 
tralized or distributed relational 
database management systems 
4GLs (Fourth Generation Languag: 
es) and other GUI (Graphical User 
interface) front-end tools. Analysis 
design and development of client- 
server applications usir 

ented methodology. Bachelor's 
Degree (or equivalent) in Computer 
Science-Math/Engineer 
‘Business-Co 

experience in job offered or as 
Software Engineer/Systems Ana- 
lyst are required. Must have appro- 
priate combination of skills as fol- 
lows: 1 of Aand 2 of B; or 2 of Aand 
1 of B; or 3 of A. Aincludes Oracle 
Sybase, Informix, SQL Server. 
Progress, Ingres, Access and 
Proxy Server; and B includes 
PowerBuilder, Visual Basic, MS- 
Windows, Visual C++, JAM, APT. 
SQL SQL*FORMS ESQL/C 
GUPTA SQL, Progress 4GL 
Informix 4GL, Ingres 4GL, C, Java 
Lotus Notes, HTML, CGI, IIS, ASP, 
Front Page, Peri and Java 
Development Kit (JDK); High mobil- 
ity preferred. 40 hrs/week, 8 am - 5 
pm. $67,994 - $78,000 per year. 
Qualified applicants should contact 
or send resume to Site Administra- 
tor, Greene County Team PA 
CareerLink, 4 West High Street 
Waynesburg, PA 15370-1324 
Refer to Job Order # WEB 312059 


Programmer Analyst 
(Micro/Web) - 
Multiple Openings 


Structured systems analysis 
design, development, testing, qual- 
ity assurance, ir ementation, inte- 
gration, maintenance and support 
of integrated client-server based 
systems for business, financial 
banking, manufacturing and other 
commercial business application 
systems in a multi-hardware/mult 
software environment using cen- 
tralized or distributed relational 
database management systems 
4GLs (Fourth Generation Languag- 
es) and other GUI (Graphical User 
Interface) front-end tools. Analysis 
design and development of client- 
server applications using object-ori 
ented methodology. Bachelor's 
Degree (or equivalent) in Computer 
Science-Math/Engineering/Science 
Business-Commerce and 1 yr 
experience in job offered or as 
Software Engineer/Systems Ana 
are required. Must have appro 
priate combination of skills as f 
lows: 1 of A of B; or 2 of Aand 
1 of B; or 30fA Judes Oracle 
Sybase, Informix, SQL Server 
Progress, Ingres, Access and 
Proxy Server; and B includes 
PowerBuilder, Visual Basic, MS 
Windows, Visual C++, JAM, APT 
S SQL*FORMS, ESQL/C 
SQL, Progress 4GL 
Informix 4GL, Ingres 4 C, Java 
Lotus Notes, HTML, CGi, IIS, ASP. 
Front Page, Perl and Java 
Development Kit (JDK); High mobi 
ity preferred. 40 hrs/week, 8 am - 5 
pm. $67,994 - $78,000 per year. 
Qualified applicants should contact 
or send resume to Site Administra 
tor, Greene County Team PA 
CareerLink, 4 West High Street 
Waynesburg, PA 15370-1324 
Refer to Job Order # WEB 313921 


SYSTEMS ANALYST to analyze 
design, develop and maintain web- 
based business critical credit card 
application software systems using 
Java, Serviets, JSP, XML, JDBC 
Oracle, C++ and Webiogic under 
UNIX and Windows NT operating 
systems. Require: B.S. degree (or 
equivalent work experience) in 
Computer Science/Engineering, or 
a closely related field with two 
years of experience in the job 
offered or as a Programmer 
Analyst or Programmer. Compet- 
itive salary offered. Send resume 
to: Sandra A. Ricks, Citibank 
Universal Card Services, 8787 
Baypine Road, Jacksonville, FL 
32256; Attn: Job RS. 


COMPUTER/IT 

Senior Programmer Analyst 
(White Plains, New York) - 
Requires Bachelor's degree (or 
equiv foreign educ.) in 
Computer Science, Computer 
Engineering, or Electronic’ 
Engineering & 2 years’ exp. in 
the job offered or 2 years’ exp. in 
use of Powerbuilder, PFC 
(Powerbuilder Foundation Class 
Library), Sybase & Perl to devel- 
op software for investment 
mgmt. & brokerage operations. 
Stated exp. must include one 
year's exp. utilizing each of the 
following) NOMAD on a 
VM/CMS_ operating system; 
ADP's Brokerage and PSR sys- 
tems; & object-oriented method- 
ology to develop client/server 
applications. (Exp. may, but 
need not, be concurrent.) Utilize 
Powerbuilder, PFC, Sybase, & 
Perl to develop software for 
investment mgmt. & brokerage 
ops. 40 hrs./wk. 8:30 a.m. - 5:30 
p.m. Apply with resume to: 
Alliance Capital Management 
L.P., Attn: Karen Mooney, 1345 
Avenue of the Americas, 46th 
Floor, New York, New York 
10105, 


SOFTWARE ENGINEER 


Software engineer to design 
develop and test computer pro- 
grams for business applications 
analyze software requirements 
to determine feasibility of 
design; direct software system 
testing procedures using exper- 
tise in Powerbuilder, Java, UML, 
PowerDesigner, Jaguar, Oracle. 
Sybase and SQL _ Server 
Requirements Bachelor's 
Degree or equivalent in 
Computer Science or related 
field and two years experience 
as a software engineer or com- 
puter programmer, knowledge of 
Powerbuilder Java UML 
PowerDesigner, Jaguar, Oracle, 
Sybase and SQL _ Server. 
Salary: $74,000/year. Working 
Conditions: 8:00 A.M. to 5:00 
P.M., 40 hours/week, involves 
extensive travel and frequent 
relocation Apply: Manager 
Butler County CareerLink 
Pullman Commerce Center, 112 
Holiywood Dr, Suite 101, Butler. 
PA 16001, Job No. WEB314968 


SOFTWARE ENGINEER to design 
develop, test, implement and main- 
tain web-based application soft- 
ware in a client/server environment 
using Object Oriented program: 
ming, Rapid Application Develop- 
ment, GUI tools, Visual Interdev, 
Front Page, RDBMS, SQL Server, 
Oracle, ASP, Visual Basic, VB 
Script, Java Script, Visual Source 
Safe, ¢ tal Reports, IS, Cold 
Fusion, Java, Java Beans, J2EE 
Java Applets/Serviets, Websphere 
and Weblogic on Windows NT/98; 
2000 operating systems. Require: 
B.S. degree in Computer Science 
an Engineering discipline, or a 
closely related field with four years 
of experience in the job offered 
Extensive travel on assignment tc 
various client sites within the U.S. 
d. Comp: salary 
Apply by resume to: Uma 
Softcon USA, Inc., 2604 
E. Dempster St., Ste. 209, Park 
Ridge, IL 60068; Attn: Job RM 


International Programming & 
Systems, Inc. has employment 
opportunities for Systems An- 
alysts with any of the following 
skills: COGEN; SAPIENS; TERA- 
DATA; VB. Developers exp. in 
STRATUS, UNIX; UNIX Systems 
Admin and Network admin 
Positions are available through- 
out the US inc. Hamilton & W. 
Trenton NJ, Philadelphia, PA 
Seattle, WA. IPS also has open- 
ings for Sales and Recruiting staff 
in our San Francisco office. Elec- 
tronic responses are encouraged. 
Cflavell@ipsamerica.com or mail 
resume to IPS, 1875 So. Grant 
Street, #300, San Mateo, CA 
94402 (Fax) 650-572-8679 
Principals only please. 
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SOFTWARE ENGINEER 
SPECIALIST 


Design, implement and maintain 
software tools for manipulating 3D 
CAD data for both PC and UNIX. 
Design and implement infrastruc- 
ture for quality/regression testing of 
such software tools and toolkits. 
Support the use of such software 
tools and toolkits. Using C++, ksh. 
csh scripting, perl, xmi and other 
computer language technologies in 
the creation of software products. 
Utilize various source configuration 
management systems to control 
code incorporated into software 
Products. Requires a Bachelor's 
degree in Computer Science. 
Electrical or Electronic Engineering 
and 3 years experience in the job 
offered or 3 years in design/devel- 
opment or research of software 
algorithms for processing image 
data. Related occupation experi- 
ence to include 1 year experience 
or research in software develop- 
ment of 3D graphics using C++ and 
Visualization toolkit in Windows 
environment. 40 hours per week 
8AM to 5PM, Monday through 
Friday. Salary $56,870 per year. 
Must have proof of legal authority 
to work in the United States. Send 
your resume to the lowa Workforce 
Center, 122 Kellogg Avenue, Ames, 
lowa 50010-0410. Please refer to 
Job Order 1A1101706. Employer 
paid advertisement 


Programmer Analyst (Ann Arbor, 
Michigan): Assist in develop- 
ment of software applications & 
data distribution tools used to 
predict trends & pricing in the 
energy industry. Plan, develop & 
test computer applications for 
analysis of energy data, apply- 
ing knowledge of SQL & C Shell 
on UNIX platforms. Structure 
energy data utilizing similar 
techniques to those applied in 
structuring financial data. Utilize 
C Shell scripting language to 
solve technical problems 
encountered in delivery mecha- 
nism. Must have Bach. degree 
in Bus. Admin, Mngmt, Comp. 
Sci. or related field & 1 year exp. 
in job or in related job of Global 
Data Analyst. Related exp. must 
include data structuring for 
financial markets, C Shell 
UNIX, & SQL. Fax resume to: 
734-332-4440 


PROGRAMMER/ANALYST 


Research, design and develop 
computer software systems for 
pharmaceutical systems by apply- 
ing principles/techniques of com- 
puter science, engineering and 
mathematical analysis. Analyzes 

requirements to determine 
leasability of design within time and 
cost constraints. Consults with pro- 
duction support engineers. Compu- 
ter systems used are: VAX/VMS 
Sun/Solaris and Windows NT. Tools 
used are: RDB, Oracle, SQLMOD. 
C/C++, Java and runs on variety of 
applications servers including Web- 
logic. 40 hours/week, 8:00 a.m. to 
5:00 p.m., $65,000/year. Must have 
proof of legal authority to work in 
the United States. Send your 
resume to the lowa Workforce 
Center, 590 lowa Street Dubuque. 
1A 52004-0757. Please refer to Job 
Order #1A1101701. Employer paid 
advertisement 


SR. SOFTWARE CONSULTANT 


Design, development, testirig and 
integration of software applications 
and interfaces, implementation 
deployment of the product and 
resolve production problems. Skills 
required: Unix, C/C++, Sybase. 
CTLib, Oracle, PL/SQL, Pro*C 
TCP/IP, HL7. Powerbuilder, Power- 
J, VisualAge for C/C++ and Crystal 
Reports. Knowledge in HIPAA 
SNMP, Java, OODS, SQLServer, 
DBLib, XML, WebSphere, and Fire- 
wall is a plus. Working knowledge 
of RDBMS, OOPS, SDLC. . Shell 
Script required. 40 hours per week 
8:00 an. to 5:00 p.m., $60,000) 
year. Must have proof of legal 
authority to work in the United 
States. Send your resume to the 
lowa Workforce Center, P.O. Box 
757, Dubuque, lowa 52004-0757. 
Please refer to Job Order 
141101709. 
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COMPUTER/IT 

Business Applications Special- 
ist. Engage in support & main- 
frame relational database 
design & dvipmnt. for Essbase 
OLAP multidimensional applica- 
tions used for sales volume bud- 
geting, forecasting & reporting & 
for financial budgeting, forecast- 
ing & reporting using Visual 
Basic & SQL programming 
Design & develop OLAP appli- 
cations. Req. Bach.'s degree (or 
foreign equiv.) in Computer 
Science or Computer Engin- 
eering, & 3 yrs.’ exp. in the job 
offered or 3 yrs. of IT exp. in 
client server Visual Basic design 
& dvipmnt. using multi-tiered 
architectures. Stated exp. must 
incl. 2 years in each of the fol- 
lowing: mainframe relational 
database design & dvipmnt 

SDLC quality assurance tech- 
niques; Use Case methodology, 
& primary technical liaison inter- 
actions with co. business unit 
(Exp. may, but need not be, con- 
current.) Must be available to 
provide weekend & night appli- 
cations support. Email resumes 
to: greatjobs@purina.com, Attn 
job # LCERTBAS, or mail to 
Nestle Purina PetCare 
Company. Checkerboard 
Square- 1A Attn: Staffing, St. 
Louis, MO 63164-0001 
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Texas, in San Antonio. 

At the same time, many 
companies are confronting the 
mainframe training issue in 
reverse, as they begin to phase 
out mainframe systems. 

For example, Mattel Toys 
Inc. is training mainframe op- 
erators to work on Sun Micro- 


Continued from page 1 
Mainframers | 


skills in conjunction with 
Poughkeepsie, N-Y.-based 
Marist College and developing 
a best-practice knowledge base 
to which data center managers 


Getting IT professionals, es- 
pecially young ones, interest- 
ed in learning mainframe 
work isn’t easy. But Ruben 
Trujillo, a technical specialist 
at U.S. Foodservice in Phoe- 
nix, said a company program 
seems to be helping. 

New IT employees who may 


ing to some prospective em- 
ployees. Moreover, the work 
schedule — 12.5-hour shifts 

with alternate three- and four- 
| day weeks — is attractive to 
some, said Trujillo. “I love it. It 
allows me to spend more time 
with my family,” he said. 


oie Ahead 


can contribute their expertise. 


“We believe it’s a very im- 
portant issue,” said Brian 
Koma, vice president of mar- 
keting at Orange, Calif.-based 
AFCOM (the Association for 
Computer Operations Man- 
agement). He said the organi- 


zation hopes the initiative will 


prompt IT managers “to take 
some early action” to plan for 


retirements “so they don’t have 


to spend more money later.” 
In addition to offering 
hands-on training sessions at 
AFCOM’s semiannual confer- 
ences, the initiative provides 


for undergraduate and certifi- 


cate courses in data center 
technology. 


Aging Mainframers 
A study last year by Meta 


Group Inc. in Stamford, Conn., 


found that 55% of IT workers 
with mainframe experience 
are over 50 years old. Confer- 


ence attendees, such as Gerald 
Tucker, data center operations 


manager at Foster Farms Inc., 
one of the largest poultry op- 
erations in the U.S., readily 

agreed with that finding. But 


he said he isn’t sure what to do 


about it. 

Tucker has two mainframe 
operators with more than 20 
years of experience who plan 
to retire in about six years, 
and he said finding replace- 
ments could be a problem 

“The solution could be an 


outsourcing possibility at that 


time,” he said. 


The Livingston, Calif.-based 
company needs to find people 


with a rare set of characteris- 
tics: They must have good 
technical skills and be com- 
fortable dealing with repeti- 
tive and mundane tasks, said 


Tucker. “They are usually one 


or the other,” he said. 





be destined to work in finance, | 
for instance, can volunteer to 
tour the data center and be ex- 
posed to its operations. “It’s 
opened up interest,” he said. 
One of the data center’s sell- 
ing points is its critical, round- 
the-clock nature, said Trujillo. 
“The pressure and importance 
of it are very high,” he said, 
noting that that can be appeal- | 





Training Costs Rise 

IT managers said they’re ex- 
periencing a rise in training 
costs. Mainframe skills aren’t 
widely taught, which means 
companies typically have to 
pay a premium for travel and 
training that can be as high as 
$30,000 to $50,000 annually 
per employee. “Our training 
budgets are definitely going 





to be needed in the long term. 


® Few educational institutions 
currently teach the skills. 


& Many mainframe workers are 
expected to retire in five to 
seven years. 


| up,” said Gary Rose, infor- 


mation services operations 
manager for Bexar County, 


Tight IT Budgets Boost Server 
And Data Center Consolidation 


LAS VEGAS 

The rush to consolidate servers 
and the data center is on. Many 
companies appear to be squeez- 
ing redundant hardware, soft- 
ware, maintenance and service 
costs out of their data centers - 
and the effort is quickly paying 
off, according to IT managers. 

Bayer Corp. in Pittsburgh offers 
a dramatic example of how much 
money can be saved: The compa- 
ny last year consolidated 42 data 
centers into two and cut the num- 
ber of servers from 1,335 to 615. 
Expected savings: $76 million 
over five years, according to Ho- 
bart Moore, an IT manager in- 
volved in the project. 

The initiative was completed in 
July and delivered $10 million in 
savings last year alone, said 
Moore, who spoke about the con- 
solidation at a data center confer- 
ence held here last week by the 
data center professional associa- 
tion AFCOM. 

“We showed that we aren't 
just out there providing services 
and that we can actually save the 
company money when it became 
necessary to do so,” said Moore. 


“We came up with very solid 
ways of reducing cost without 
slashing services.” 

In fact, many IT managers at 
the conference said they are in- 
volved in data center or server 
consolidation projects. 

Over the past two years, Will- 


iams-Sonoma Inc. has purchased : 


five of IBM's high-end Regatta 
Unix servers at a cost of $1.5 mil- 
lion each. The San Francisco 
company is halfway through a 
yearlong plan to reduce 100 
stand-alone servers to five. 
Those servers will be moved to a 
partitioned environment on the 
Regatta servers, because parti- 
tioned servers can run multiple 


were going to buy 
ro icc 


STEVE STEWART, D DATA CENTER 
MANAGER, WILLIAMS-SONOMA INC. 


applications on the same box. 


“You spend a lot of money up- 


: front,” said Steve Stewart, the 


manager of the retailer's data cen- 
ter. But, he added, “it was either 
that or they were going to buy an- 


: other 50 servers in the next year.” 


Stewart expects a return on 
investment in two or three years 
and foresees savings coming 
from just about every aspect of 
the data center's operation, in- 
cluding power, maintenance, 
personnel and licensing fees. 

Eliminating one stand-alone 
server often allows companies to 
get rid of four more servers: the 
production server, the testing 
server, the fail-over server and a 
development server, said Marvin 
Hamann, director of operations 
at Supervalu Inc., an Eden 
Prairie, Minn.-based wholesaler 
and distributor of food and gen- 
eral merchandise to grocery and 
discount stores. 

Hamann is reducing the num- 
ber of stand-alone servers at his 
company from 120 to 60 by mov- 


- ing to partitioned servers. And 


that’s not the end of the consoii- 
dation. “When we get to that goal, 


systems Inc.’s Solaris operat- 
ing system, among others. 

Learning these new systems 
isn’t easy for mainframe work- 
ers, said Lynn Hartman, data 
| center manager at Mattel in 
Phoenix. 

“For the older guys, it’s a 
major leap,” Hartman said. 
“But we made it clear it’s a ne- 
cessity, not an option.” D 





we will set a new goal,” he said. 

Consolidating data centers or 
servers isn't a new concept, and 
IT managers at the conference 
were Clearly aware of the poten- 
tial problems and costs of allow- 
ing business units to add server 
after server to host applications. 

But the continuing economic 
downturn has put pressure on IT 
departments to cut back. And, as 
Moore put it, “costs were just 
getting out of control.” 

Mark Levin, an analyst at Meta 
Group Inc. in Stamford, Conn., 
called consolidation the “hottest 
thing” and said the most difficult 
aspect of the effort often is com- 
ing to terms with the inventory. 
Consolidating servers can lead to 
some management resistance, 
particularly if a business unit 
hosts a particular server. But as 
long as service delivery is unaf- 
fected, company buy-in is usually 
easy to get, IT managers said. 

Michael McShane, manager of 
technical services and operations 
at Krasdale Food Inc., a White 
Plains, N.Y.-based food distribu- 
tor, said getting cooperation from 
business units for consolidation 
projects is ultimately not a prob- 
lem. “The dollars and cents of it 
convinces higher-ups, and it’s a 
done deal,” said McShane. 

~ Patrick Thibodeau 
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Missing Mainframers 


UPPOSE THERE’S A SHORTAGE of a particular IT skill set. 
We all know what happens, don’t we? Those skills become 
hot. Training courses spring up. Salaries go through the 
roof. And the one thing that surely won’t happen is that 
people with expertise in that skill set will be retrained to 
do something else, thus making the shortage worse — right? 
Except when it comes to mainframes. Crazy, huh? 
As Computerworld’s Patrick Thibodeau reports this week (see 
story, page 1), mainframers are in such short supply that one pro- 


fessional group for data center managers is set- 
ting up its own college-level online courses for 
potential mainframers. But at the same time, IT 
shops that are phasing out mainframes are actu- 
ally retraining experienced mainframers to do 
nonmainframe IT work. 

Insane as that sounds, it does make sense 
when you remember that 55% of mainframers 
are in their 50s or 60s. These aren’t kids who 
are ready to jump to another company at the 
drop of a hat. These people are fully vested in 
their pension plans. They’d rather struggle to 
learn new technologies than start over at an- 
other company that needs their mainframe 
skills for the few years before they retire. 

Meanwhile, young IT people aren’t jumping 
into mainframe work. They were never taught 
mainframe skills. After all, pundits and analysts 
and other industry blowhards have been saying 
mainframes are dead, or at least dying, for a 
decade now. Why learn something that’s dying? 

But mainframes aren’t dead at many IT 
shops. And they show no signs of dying soon. 
Unix didn’t kill them. PC networks didn’t kill 
them. Y2k was supposed to kill them when all 
that mainframe code stopped running on Jan. 1, 
2000. But instead we spent billions of dollars 
fixing that code — and now we 
have to earn out that investment. 

That’s not the only reason main- 
frames refuse to die. Mainframes 
work. They still set the standards 
for security and reliability and 
availability in IT. And mainframe 
MIPS have kept getting cheaper in 
the 10 years since IBM realized it 
could no longer survive by soaking 
its mainframe customers. 

So mainframes aren’t going away. 

But mainframers are. And they’re 
not being replaced. 

What do you do if you’re looking 


at a staff of highly experienced mainframers 
who will be retiring in a few years? You can 
outsource, but that limits your flexibility — 
and it hands the management of your most 
critical data to someone for whom it’s just 
another job. You can migrate off those main- 
frames, and if that’s your plan, now’s the time 
to start — it’ll take years to re-create or trans- 
form the business processes embedded in that 
mainframe code. (That’s why it was worth 
making all those Y2k fixes instead of rewriting 
the code, remember?) 

Or, since you won't be able to hire the main- 
frame talent you need, you could start creating 
it yourself. 

You could make it part of your shop’s prima- 
ry career path. That means everyone learns the 
basics. Not everyone will have the right mix of 
skills and temperament for mainframe work, 
but a few probably will. 

And if those few people with the right apti- 
tude pull the average age of your mainframers 
down in a few years from, say, 55 to 40, your 
mainframe skills crisis is over. 

Besides, if your mainframes aren’t going 
away, they’re a key piece of your IT infrastruc- 
ture. Like the Internet and security, the main- 

frame is something everyone in 
your shop needs to understand. 
And for that, there’s no replace- 
ment for hands-on experience. 

So you have options: outsourc- 
ing, migration or building your 
own mainframers. But whatever 
you're going to do about your 
mainframe skills problem, start 
working on it now. 

Because if your mainframers are 
gone before you’ve got something 
or someone to replace them with, 
you'll find out just how crazy a 
skills shortage can be. D 
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